last executing test programs: 4.839714917s ago: executing program 1 (id=2143): pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$P9_RGETLOCK(r0, &(0x7f00000002c0)=ANY=[], 0x200002e6) fcntl$setpipe(r0, 0x407, 0x8000b) fcntl$setpipe(r0, 0x407, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x40020002, @remote, 0xb}, 0x1c) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000200), 0x4) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000180)={0x0, 0x6, [0x1000, 0x1, 0x6, 0x10, 0x1]}) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)=[{{&(0x7f00000001c0)={0xa, 0x4e21, 0x8010, @mcast1, 0xfffffffc}, 0x1c, 0x0}}], 0x1, 0x24000080) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000002100)) ioctl$VHOST_GET_VRING_ENDIAN(r2, 0x4028af11, &(0x7f00000001c0)) ioctl$RTC_EPOCH_SET(r0, 0x4008700e, 0x13d2) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000001980)=0x1) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000000), 0x10) close_range(r0, r3, 0x2) fspick(r0, &(0x7f0000000040)='./file1\x00', 0x0) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) 3.676413545s ago: executing program 1 (id=2152): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000d"], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1c}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) 3.627371302s ago: executing program 1 (id=2155): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000240)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x80800) sendmmsg$unix(r1, &(0x7f0000000800)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000003180)=[@rights={{0x10}}], 0x10, 0x24044800}}], 0x2, 0x0) 3.568731848s ago: executing program 1 (id=2157): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x39, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x48) ioprio_get$pid(0x1, r3) sendmsg$TIPC_NL_LINK_SET(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x38}}, 0x0) write$UHID_INPUT(r1, &(0x7f0000002080)={0xc, {"a2e3ad21ed0d52f91b5d320987f70e06d038e7ff7fc6e5539b3247298b089b070d366e090890e0878f0e1ac6e7049b334a959bfc9a240d2567f3988f7ef319520100ffe8d178708c523c921b1b9b31070d075d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c198045651cf4778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7beddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf3f2aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) 3.180024113s ago: executing program 0 (id=2161): pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$P9_RGETLOCK(r0, &(0x7f00000002c0)=ANY=[], 0x200002e6) fcntl$setpipe(r0, 0x407, 0x8000b) fcntl$setpipe(r0, 0x407, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x40020002, @remote, 0xb}, 0x1c) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000200), 0x4) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000180)={0x0, 0x6, [0x1000, 0x1, 0x6, 0x10, 0x1]}) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)=[{{&(0x7f00000001c0)={0xa, 0x4e21, 0x8010, @mcast1, 0xfffffffc}, 0x1c, 0x0}}], 0x1, 0x24000080) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000002100)) ioctl$VHOST_GET_VRING_ENDIAN(r2, 0x4028af11, &(0x7f00000001c0)) ioctl$RTC_EPOCH_SET(r0, 0x4008700e, 0x13d2) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000001980)=0x1) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000000), 0x10) close_range(r0, r3, 0x2) fspick(r0, &(0x7f0000000040)='./file1\x00', 0x0) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) 2.739360739s ago: executing program 3 (id=2165): r0 = socket$vsock_stream(0x28, 0x1, 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202) write$sndseq(r1, 0x0, 0x0) r2 = dup(r0) mount$9p_fd(0x0, &(0x7f0000000540)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) 2.739089426s ago: executing program 3 (id=2166): bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000e00)=ANY=[@ANYBLOB="61154c000000000061138c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000003000000160302000ee60060bf350000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dc725f431bcab0ef59b8f0e431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa0100000000000000b93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4ffcae1a8a793a7795a9214a92f66e9cc54db6c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc3086936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61dc18402cde8bf777b2eaa45c940aabc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154baa8e51489a614e69722bac30000000000000000000000000000a006b178438e930b2494db1bf624a70a19a45b8b71869afb13cb2ac1d2f3ec0d93a3e4fd0ad076c7d826f218aa6ba8ec5e58b7c64dc8616127087901dc65418a4b25bfa7ae8b5ad9642815f319230425e8bd89c6983d816d97d81a739917eecd26f9a3aecaf0acdaf6cffab38eae3b10b122b4bf521a46bf01a0c136f745113b589459fbe1666087a7c554a55e2b42ab7e405a77f405a348a64e356b7fb61e48ea9c87bf13f97052c51fdd49f3dbccf9874cf61807ae4b1665ccdd026d4580a068395e8cb851eeadb1da6d1009513ca73a685c66fb15f27eb74a7a4eb5966e3ef4be3ca8ba81b2d17d797265390ce616c3d7b566fe956fb93c6a43f4dc6bfc194daeb7b998d550773bc14aca"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) mount$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0) mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x8b101b, 0x0) umount2(&(0x7f00000002c0)='./file0\x00', 0x0) socket$netlink(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0) read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000) mount$nfs4(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x2000400, 0x0) 2.649770948s ago: executing program 3 (id=2167): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) rmdir(&(0x7f00000000c0)='./cgroup/../file0\x00') openat$cgroup_pressure(r4, &(0x7f0000000040)='cpu.pressure\x00', 0x2, 0x0) 2.649623329s ago: executing program 1 (id=2168): fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) keyctl$search(0xa, 0x0, &(0x7f0000000140)='big_key\x00', 0x0, 0xfffffffffffffffd) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) umount2(&(0x7f00000000c0)='./file0\x00', 0x5) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000440)={0x0}}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) sendmsg$key(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)={0x2, 0x9, 0x0, 0x3, 0x2}, 0x10}}, 0x0) fsopen(&(0x7f0000000200)='tracefs\x00', 0x0) 2.626023334s ago: executing program 2 (id=2169): mkdir(&(0x7f0000000140)='./control\x00', 0x0) inotify_init1(0x800) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x15, 0x8, 0x8, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0) r3 = io_uring_setup(0x3b2c, &(0x7f0000000000)={0x0, 0x603b, 0x10, 0x1, 0x2a8}) io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0) 2.336937532s ago: executing program 0 (id=2170): ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_DEL_KEY(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b00)={0x30, r0, 0x1, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x8084}, 0x4014) 2.259213277s ago: executing program 0 (id=2171): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000280)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000fcdbdf251200000008000300", @ANYRES32=r2, @ANYBLOB="0600120000000000040013000a000600080211000001000006001000a70600000500e4"], 0x44}, 0x1, 0x0, 0x0, 0x20000004}, 0x0) 2.258902317s ago: executing program 0 (id=2172): mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0x1ac81b, 0x0, 0x0, 0x0, 0x1000000}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8, 0x0, 0x0, 0x1010000}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa, 0x0, 0x0, 0x300}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) 2.20013542s ago: executing program 0 (id=2173): r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x141, 0x48, 0x13, 0x44, 0x20, 0x424, 0x7500, 0x69ee, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xb8, 0x7, 0x2, 0x96, 0xd1, 0xca, 0x0, [], [{{0x9, 0x5, 0x6, 0x2, 0x200, 0xd, 0x0, 0x6}}, {{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x1, 0x10}}]}}]}}]}}, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000900)={0x84, &(0x7f0000000f80)=ANY=[@ANYBLOB="000504000000ab"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, &(0x7f0000000a00)={0x84, &(0x7f0000000500)={0x40, 0x3, 0x4, "acff1436"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000480)={0x44, &(0x7f0000000140)={0x20, 0xe, 0x4, "d12748bf"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 1.759243471s ago: executing program 3 (id=2174): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000004600)=@raw={'raw\x00', 0xc01, 0x3, 0x2298, 0x1100, 0x5002004a, 0x0, 0x0, 0x0, 0x2200, 0x3c8, 0x3c8, 0x2200, 0x3c8, 0x3, 0x0, {[{{@uncond, 0x60, 0x10a0, 0x1100, 0x0, {}, [@common=@unspec=@cgroup1={{0x1030}, {0x1, 0x0, 0x0, 0x0, './cgroup.cpu/syz1\x00'}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x1, [0x2, 0x1, 0x7], 0x6, 0x2}, {0x2, [0x0, 0x6, 0x4, 0x9, 0x0, 0x89ce99baffcf6900], 0x1, 0x1}}}}, {{@uncond, 0x0, 0x10a0, 0x1100, 0x0, {}, [@common=@unspec=@cgroup1={{0x1030}, {0x0, 0x0, 0x1, 0x1, './cgroup.net/syz1\x00', 0x2, {0x5}}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@loopback, [0xffffff00, 0xff000000, 0xff, 0xff0000ff], 0x4e22, 0x4c20, 0x4e24, 0x4e23, 0xc9, 0x0, 0x3b, 0x83, 0x25}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x22f8) 1.759087277s ago: executing program 3 (id=2175): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000300)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$key(0xf, 0x3, 0x2) recvmmsg(r4, &(0x7f0000000440), 0x6f5, 0x2, &(0x7f0000000480)={0x77359400}) sendmsg$key(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="0216000002"], 0x10}}, 0x0) r5 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040), 0x2a41, 0x0) read$FUSE(r5, &(0x7f0000001280)={0x2020}, 0x2020) 1.690270532s ago: executing program 2 (id=2176): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) readv(r0, &(0x7f0000000040)=[{&(0x7f0000001dc0)=""/4104, 0x1008}], 0x1) 1.690138249s ago: executing program 2 (id=2177): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000280)={0xa, 0x2, 0x0, @empty}, 0x1c) listen(r0, 0x2) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x9, &(0x7f0000000080)=0x1, 0x4) sendto$inet6(r1, 0x0, 0x0, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) 1.629494325s ago: executing program 2 (id=2178): prlimit64(0x0, 0xe, &(0x7f0000000080)={0x7, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x302, 0x0) sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="50000000090601020000000000000000000000000900020073797a31000000000500010007"], 0x50}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000050) r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r4 = dup(r3) ioctl$PTP_EXTTS_REQUEST2(r4, 0x40383d0c, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r5 = socket(0x400000000010, 0x3, 0x0) r6 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffff, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x6}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x40) 850.672681ms ago: executing program 3 (id=2179): pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$P9_RGETLOCK(r0, &(0x7f00000002c0)=ANY=[], 0x200002e6) fcntl$setpipe(r0, 0x407, 0x8000b) fcntl$setpipe(r0, 0x407, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x40020002, @remote, 0xb}, 0x1c) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000200), 0x4) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000180)={0x0, 0x6, [0x1000, 0x1, 0x6, 0x10, 0x1]}) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)=[{{&(0x7f00000001c0)={0xa, 0x4e21, 0x8010, @mcast1, 0xfffffffc}, 0x1c, 0x0}}], 0x1, 0x24000080) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000002100)) ioctl$VHOST_GET_VRING_ENDIAN(r2, 0x4028af11, &(0x7f00000001c0)) ioctl$RTC_EPOCH_SET(r0, 0x4008700e, 0x13d2) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000001980)=0x1) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000000), 0x10) close_range(r0, r3, 0x2) fspick(r0, &(0x7f0000000040)='./file1\x00', 0x0) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) 849.147587ms ago: executing program 1 (id=2187): socket$nl_xfrm(0x10, 0x3, 0x6) r0 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={0xffffffffffffffff, 0x0, 0x0}, 0x10) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x0, 0x0}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000240)={&(0x7f00004a3000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, &(0x7f0000000740)=""/209, 0xd1, 0x0, &(0x7f00000000c0)=""/61, 0x3d}, &(0x7f0000000340)=0x40) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) sendmsg$unix(r3, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@rights={{0x14, 0x1, 0x1, [r3]}}], 0x18, 0x4800}, 0x8004) 700.04842ms ago: executing program 2 (id=2180): mmap$KVM_VCPU(&(0x7f0000133000/0x3000)=nil, 0x0, 0x0, 0x80010, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0x1, 0x4, 0x50e8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000000040)={r0, 0x0, 0x20000004}, 0x20) 520.272186ms ago: executing program 2 (id=2181): iopl(0x3) pselect6(0x0, 0x0, &(0x7f0000000240)={0x80000001, 0x9, 0x801, 0x409671, 0x8000000000000001, 0x0, 0x8000000000000000, 0xfc41}, &(0x7f0000000300)={0x0, 0x5, 0x0, 0x2000000000001, 0x200, 0x8000, 0x7ff, 0xfffffffffffffffa}, 0x0, &(0x7f0000000480)={&(0x7f0000000180)={[0x4]}, 0x8}) 0s ago: executing program 0 (id=2182): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0xa6, 0x0, 0x5, 0x0, 0xfffffffffffffdfc}, {0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4, 0xff, 0x2, 0x0, 0x800000000000000}, {0x2, 0x3, 0x0, 0x0, 0x4, 0x5, 0x4, 0x0, 0x5}]}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000100)={[{0x0, 0xffff, 0x6, 0x81, 0x7, 0x1b, 0x9, 0xe, 0x4, 0x6, 0x7f, 0x7, 0x6}, {0x5, 0x3, 0x13, 0x1, 0x7, 0xfe, 0x7c, 0x2, 0x3, 0x4, 0x0, 0x43, 0x5}, {0x4, 0xfff8, 0xaf, 0xf6, 0x6, 0x3d, 0xb9, 0x0, 0x8, 0x0, 0xa, 0x2, 0x10}], 0x9}) 0s ago: executing program 3 (id=2183): r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180200002343ffff0000000000000000850000004100000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r1, r2, 0x25, 0x0, @void}, 0x10) syz_emit_ethernet(0xfdef, &(0x7f0000000a80)=ANY=[], 0x0) kernel console output (not intermixed with test programs): e strings: Mfr=1, Product=2, SerialNumber=3 [ 67.431641][ T9] usb 8-1: Product: syz [ 67.432888][ T9] usb 8-1: Manufacturer: syz [ 67.434248][ T9] usb 8-1: SerialNumber: syz [ 67.476890][ T6940] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 67.643022][ T6979] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 67.650280][ T6999] netlink: 8 bytes leftover after parsing attributes in process `syz.2.395'. [ 67.652960][ T6999] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 67.656197][ T6999] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 67.682906][ T10] cdc_mbim 5-1:1.0: failed to get mac address [ 67.687456][ T10] cdc_mbim 5-1:1.0: bind() failure [ 67.690699][ T10] cdc_ncm 5-1:1.1: probe with driver cdc_ncm failed with error -71 [ 67.693314][ T10] cdc_mbim 5-1:1.1: probe with driver cdc_mbim failed with error -71 [ 67.696889][ T10] usbtest 5-1:1.1: probe with driver usbtest failed with error -71 [ 67.700916][ T10] usb 5-1: USB disconnect, device number 7 [ 68.211268][ T7003] netlink: 4 bytes leftover after parsing attributes in process `syz.1.397'. [ 68.248586][ T6979] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 68.452111][ T9] cdc_mbim 8-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 68.454019][ T9] cdc_mbim 8-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048 [ 68.456620][ T9] cdc_mbim 8-1:1.0: setting rx_max = 2048 [ 68.513534][ T7037] netlink: 4 bytes leftover after parsing attributes in process `syz.0.410'. [ 68.657638][ T9] cdc_mbim 8-1:1.0: setting tx_max = 184 [ 68.665095][ T9] cdc_mbim 8-1:1.0: cdc-wdm0: USB WDM device [ 68.670952][ T9] wwan wwan0: port wwan0mbim0 attached [ 68.682294][ T9] cdc_mbim 8-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.3-1, CDC MBIM, 42:42:42:42:42:42 [ 68.792470][ T7070] netlink: 4 bytes leftover after parsing attributes in process `syz.2.422'. [ 68.858818][ C0] cdc_mbim 8-1:1.0: nonzero urb status received: -71 [ 68.860736][ T5659] 8021q: adding VLAN 0 to HW filter on device wwan0 [ 68.860783][ C0] cdc_mbim 8-1:1.0: wdm_int_callback - 0 bytes [ 68.864510][ C0] cdc_mbim 8-1:1.0: nonzero urb status received: -71 [ 68.866398][ C0] cdc_mbim 8-1:1.0: wdm_int_callback - 0 bytes [ 68.868284][ C0] cdc_mbim 8-1:1.0: nonzero urb status received: -71 [ 68.870115][ C0] cdc_mbim 8-1:1.0: wdm_int_callback - 0 bytes [ 68.871937][ C0] cdc_mbim 8-1:1.0: nonzero urb status received: -71 [ 68.873759][ C0] cdc_mbim 8-1:1.0: wdm_int_callback - 0 bytes [ 68.875653][ C0] cdc_mbim 8-1:1.0: nonzero urb status received: -71 [ 68.877495][ C0] cdc_mbim 8-1:1.0: wdm_int_callback - 0 bytes [ 68.879366][ C0] cdc_mbim 8-1:1.0: nonzero urb status received: -71 [ 68.881220][ C0] cdc_mbim 8-1:1.0: wdm_int_callback - 0 bytes [ 68.883103][ C0] cdc_mbim 8-1:1.0: nonzero urb status received: -71 [ 68.884974][ C0] cdc_mbim 8-1:1.0: wdm_int_callback - 0 bytes [ 68.887159][ C0] cdc_mbim 8-1:1.0: nonzero urb status received: -71 [ 68.889227][ C0] cdc_mbim 8-1:1.0: wdm_int_callback - 0 bytes [ 68.891128][ C0] cdc_mbim 8-1:1.0: nonzero urb status received: -71 [ 68.892975][ C0] cdc_mbim 8-1:1.0: wdm_int_callback - 0 bytes [ 68.894841][ C0] cdc_mbim 8-1:1.0: nonzero urb status received: -71 [ 68.896701][ C0] cdc_mbim 8-1:1.0: wdm_int_callback - 0 bytes [ 68.902905][ T9] usb 8-1: USB disconnect, device number 2 [ 68.904915][ T9] cdc_mbim 8-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.3-1, CDC MBIM [ 69.048902][ T9] wwan wwan0: port wwan0mbim0 disconnected [ 69.120886][ T7123] overlayfs: missing 'lowerdir' [ 69.475485][ T36] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 69.625477][ T36] usb 7-1: Using ep0 maxpacket: 8 [ 69.628464][ T36] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 69.631103][ T36] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 69.634392][ T36] usb 7-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 69.638746][ T36] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 69.643389][ T36] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 69.647024][ T36] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 69.652949][ T36] usbtmc 7-1:16.0: bulk endpoints not found [ 70.275645][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 70.327691][ T7168] overlayfs: missing 'lowerdir' [ 70.357783][ T7170] fuse: Bad value for 'fd' [ 70.778626][ T1414] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.034896][ T26] usb 7-1: USB disconnect, device number 6 [ 71.806169][ T836] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 71.965699][ T836] usb 7-1: Using ep0 maxpacket: 16 [ 71.968975][ T836] usb 7-1: config 0 has an invalid descriptor of length 105, skipping remainder of the config [ 71.973013][ T836] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 71.977386][ T836] usb 7-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00 [ 71.980197][ T836] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 71.988501][ T836] usb 7-1: config 0 descriptor?? [ 71.991419][ T836] pxrc 7-1:0.0: Could not find endpoint [ 71.993753][ T836] usbhid 7-1:0.0: couldn't find an input interrupt endpoint [ 72.017309][ T7245] netlink: 4 bytes leftover after parsing attributes in process `syz.1.484'. [ 72.198439][ T836] usb 7-1: USB disconnect, device number 7 [ 72.636211][ T7272] syz.0.488 (7272) used greatest stack depth: 19680 bytes left [ 72.935774][ T7292] netlink: 4 bytes leftover after parsing attributes in process `syz.2.498'. [ 73.435554][ T836] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 73.595550][ T836] usb 6-1: Using ep0 maxpacket: 16 [ 73.600348][ T836] usb 6-1: config 0 has an invalid descriptor of length 94, skipping remainder of the config [ 73.628282][ T836] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 73.632231][ T836] usb 6-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 73.634699][ T836] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 73.636962][ T836] usb 6-1: Product: syz [ 73.638161][ T836] usb 6-1: Manufacturer: syz [ 73.639515][ T836] usb 6-1: SerialNumber: syz [ 73.641710][ T836] usb 6-1: config 0 descriptor?? [ 75.435785][ T836] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 75.585659][ T836] usb 5-1: Using ep0 maxpacket: 16 [ 75.590759][ T836] usb 5-1: config 0 has an invalid descriptor of length 248, skipping remainder of the config [ 75.594028][ T836] usb 5-1: config 0 interface 0 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 75.599024][ T836] usb 5-1: config 0 interface 0 has no altsetting 0 [ 75.602621][ T836] usb 5-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 75.604990][ T836] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 75.607136][ T836] usb 5-1: Product: syz [ 75.608262][ T836] usb 5-1: Manufacturer: syz [ 75.609479][ T836] usb 5-1: SerialNumber: syz [ 75.613554][ T836] usb 5-1: config 0 descriptor?? [ 76.090235][ T1329] usb 5-1: USB disconnect, device number 8 [ 76.217995][ T31] usb 6-1: USB disconnect, device number 4 [ 76.769177][ T7408] netlink: 8 bytes leftover after parsing attributes in process `syz.0.536'. [ 76.771961][ T7408] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 76.774744][ T7408] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 77.021392][ T7410] netlink: 4 bytes leftover after parsing attributes in process `syz.2.537'. [ 77.311773][ T7424] netlink: 8 bytes leftover after parsing attributes in process `syz.1.540'. [ 77.937981][ T7450] netlink: 4 bytes leftover after parsing attributes in process `syz.1.547'. [ 78.064343][ T7454] fuse: Bad value for 'fd' [ 79.091207][ T7476] overlayfs: missing 'lowerdir' [ 79.144376][ T7482] fuse: Bad value for 'fd' [ 79.205759][ T7478] netlink: 4 bytes leftover after parsing attributes in process `syz.3.558'. [ 79.465616][ T36] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 79.580297][ T7504] overlayfs: missing 'lowerdir' [ 79.619346][ T7506] fuse: Bad value for 'fd' [ 79.626310][ T36] usb 7-1: Using ep0 maxpacket: 8 [ 79.630092][ T36] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 79.633750][ T36] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 79.637527][ T36] usb 7-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 79.641833][ T36] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 79.646969][ T36] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 79.650423][ T36] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 79.657108][ T36] usbtmc 7-1:16.0: bulk endpoints not found [ 80.338592][ T7521] netlink: 4 bytes leftover after parsing attributes in process `syz.3.576'. [ 80.431532][ T7535] overlayfs: missing 'lowerdir' [ 80.846037][ T5955] Bluetooth: hci2: command 0x0405 tx timeout [ 81.358191][ T7555] netlink: 4 bytes leftover after parsing attributes in process `syz.1.586'. [ 81.386579][ T26] usb 7-1: USB disconnect, device number 8 [ 81.783068][ T7569] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 81.785668][ T7569] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 82.160902][ T7581] netlink: 4 bytes leftover after parsing attributes in process `syz.2.595'. [ 85.995210][ T7665] geneve0: entered allmulticast mode [ 86.047327][ T7669] fuse: Bad value for 'fd' [ 87.237077][ T7695] overlayfs: failed to resolve './file0': -2 [ 87.445553][ T36] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 87.595550][ T36] usb 7-1: Using ep0 maxpacket: 16 [ 87.598330][ T36] usb 7-1: config 0 has an invalid descriptor of length 248, skipping remainder of the config [ 87.601145][ T36] usb 7-1: config 0 interface 0 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 87.604672][ T36] usb 7-1: config 0 interface 0 has no altsetting 0 [ 87.608112][ T36] usb 7-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 87.610895][ T36] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 87.613751][ T36] usb 7-1: Product: syz [ 87.615086][ T36] usb 7-1: Manufacturer: syz [ 87.616806][ T36] usb 7-1: SerialNumber: syz [ 87.618960][ T36] usb 7-1: config 0 descriptor?? [ 88.093754][ T26] usb 7-1: USB disconnect, device number 9 [ 88.895520][ T36] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 89.037572][ T36] usb 7-1: device descriptor read/64, error -71 [ 89.214924][ T7731] overlayfs: failed to resolve './file0': -2 [ 89.276226][ T36] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 89.415602][ T36] usb 7-1: device descriptor read/64, error -71 [ 89.525739][ T36] usb usb7-port1: attempt power cycle [ 89.638971][ T7736] netlink: 8 bytes leftover after parsing attributes in process `syz.1.641'. [ 89.642312][ T7736] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 89.646362][ T7736] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 89.866061][ T36] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 89.886471][ T36] usb 7-1: device descriptor read/8, error -71 [ 90.135536][ T36] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 90.165854][ T36] usb 7-1: device descriptor read/8, error -71 [ 90.275660][ T36] usb usb7-port1: unable to enumerate USB device [ 92.525563][ T26] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 92.680360][ T26] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 92.684295][ T26] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 92.688956][ T26] usb 8-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 92.692757][ T26] usb 8-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 92.702106][ T26] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 92.705131][ T26] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 92.707728][ T26] usb 8-1: Product: syz [ 92.708898][ T26] usb 8-1: Manufacturer: syz [ 92.710181][ T26] usb 8-1: SerialNumber: syz [ 92.908911][ T36] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 92.918731][ T7789] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 93.055502][ T36] usb 7-1: Using ep0 maxpacket: 16 [ 93.058714][ T36] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 93.062299][ T36] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 93.069025][ T36] usb 7-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 93.071670][ T36] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 93.074492][ T36] usb 7-1: Product: syz [ 93.076127][ T36] usb 7-1: Manufacturer: syz [ 93.077460][ T36] usb 7-1: SerialNumber: syz [ 93.079735][ T36] usb 7-1: config 0 descriptor?? [ 93.524665][ T7789] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 93.728403][ T26] cdc_mbim 8-1:1.0: bind() failure [ 93.731871][ T26] cdc_ncm 8-1:1.1: CDC Union missing and no IAD found [ 93.733805][ T26] cdc_ncm 8-1:1.1: bind() failure [ 95.294898][ T836] usb 8-1: USB disconnect, device number 3 [ 95.685893][ T36] usb 7-1: USB disconnect, device number 14 [ 96.487813][ T7886] netlink: 4 bytes leftover after parsing attributes in process `syz.1.695'. [ 96.586262][ T7896] netlink: 4 bytes leftover after parsing attributes in process `syz.3.706'. [ 97.553433][ T7930] netlink: 4 bytes leftover after parsing attributes in process `syz.1.710'. [ 97.556288][ T7934] fuse: Bad value for 'group_id' [ 97.558377][ T7934] fuse: Bad value for 'group_id' [ 97.644961][ T7946] fuse: Bad value for 'fd' [ 97.827286][ T7964] fuse: Bad value for 'group_id' [ 97.829365][ T7964] fuse: Bad value for 'group_id' [ 97.941894][ T7972] fuse: Bad value for 'fd' [ 99.007324][ T8008] fuse: Bad value for 'group_id' [ 99.008811][ T8008] fuse: Bad value for 'group_id' [ 101.572765][ T8097] overlayfs: failed to resolve './file0': -2 [ 102.205547][ T26] usb 7-1: new high-speed USB device number 15 using dummy_hcd [ 102.245477][ T36] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 102.355490][ T26] usb 7-1: Using ep0 maxpacket: 8 [ 102.358969][ T26] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 102.362170][ T26] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 102.365495][ T26] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 102.368970][ T26] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 102.373409][ T26] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 102.376524][ T26] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 102.395492][ T36] usb 8-1: Using ep0 maxpacket: 8 [ 102.399131][ T36] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 102.401902][ T36] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 102.404725][ T36] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 102.407672][ T36] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 102.411427][ T36] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 102.414070][ T36] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 102.582317][ T26] usb 7-1: GET_CAPABILITIES returned 0 [ 102.583921][ T26] usbtmc 7-1:16.0: can't read capabilities [ 102.626176][ T36] usb 8-1: GET_CAPABILITIES returned 0 [ 102.628415][ T36] usbtmc 8-1:16.0: can't read capabilities [ 102.816050][ T837] usb 7-1: USB disconnect, device number 15 [ 103.035940][ T65] usb 8-1: USB disconnect, device number 4 [ 104.989178][ T837] usb 7-1: new high-speed USB device number 16 using dummy_hcd [ 105.036529][ T8201] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 105.386128][ T837] usb 7-1: Using ep0 maxpacket: 8 [ 105.391915][ T837] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 105.398250][ T837] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 105.401374][ T837] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 105.404117][ T837] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 105.409151][ T837] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 105.412424][ T837] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 105.624819][ T837] usb 7-1: GET_CAPABILITIES returned 0 [ 105.626563][ T837] usbtmc 7-1:16.0: can't read capabilities [ 105.830656][ T5983] usb 7-1: USB disconnect, device number 16 [ 106.555456][ T26] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 106.705575][ T26] usb 5-1: Using ep0 maxpacket: 16 [ 106.708366][ T26] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 106.711188][ T26] usb 5-1: config 0 interface 0 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 106.714710][ T26] usb 5-1: config 0 interface 0 has no altsetting 0 [ 106.719804][ T26] usb 5-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 106.722312][ T26] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 106.724522][ T26] usb 5-1: Product: syz [ 106.725994][ T26] usb 5-1: Manufacturer: syz [ 106.727357][ T26] usb 5-1: SerialNumber: syz [ 106.737932][ T26] usb 5-1: config 0 descriptor?? [ 107.323468][ T10] usb 5-1: USB disconnect, device number 9 [ 108.199412][ T10] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 108.365483][ T10] usb 5-1: Using ep0 maxpacket: 8 [ 108.375637][ T10] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 108.379421][ T10] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 108.383018][ T10] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 108.387223][ T10] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 108.391894][ T10] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 108.395173][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 108.614054][ T10] usb 5-1: GET_CAPABILITIES returned 0 [ 108.616405][ T10] usbtmc 5-1:16.0: can't read capabilities [ 108.994823][ T10] usb 5-1: USB disconnect, device number 10 [ 109.205706][ T36] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 109.366302][ T36] usb 8-1: Using ep0 maxpacket: 8 [ 109.370484][ T36] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 109.374155][ T36] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 109.379608][ T36] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 109.383295][ T36] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 109.388481][ T36] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 109.391779][ T36] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.601744][ T8294] overlayfs: missing 'lowerdir' [ 109.607851][ T36] usb 8-1: GET_CAPABILITIES returned 0 [ 109.609955][ T36] usbtmc 8-1:16.0: can't read capabilities [ 109.615654][ T26] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 109.630423][ T8296] fuse: Unknown parameter 'group_i00000000000000000000' [ 109.765573][ T26] usb 6-1: Using ep0 maxpacket: 16 [ 109.768581][ T26] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 109.771760][ T26] usb 6-1: config 0 interface 0 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 109.775307][ T26] usb 6-1: config 0 interface 0 has no altsetting 0 [ 109.779123][ T26] usb 6-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 109.782347][ T26] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 109.785169][ T26] usb 6-1: Product: syz [ 109.787389][ T26] usb 6-1: Manufacturer: syz [ 109.789046][ T26] usb 6-1: SerialNumber: syz [ 109.791809][ T26] usb 6-1: config 0 descriptor?? [ 110.026368][ T10] usb 8-1: USB disconnect, device number 5 [ 110.260121][ T26] usb 6-1: USB disconnect, device number 5 [ 110.285523][ T5983] usb 7-1: new high-speed USB device number 17 using dummy_hcd [ 110.435509][ T5983] usb 7-1: Using ep0 maxpacket: 8 [ 110.438899][ T5983] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 110.442134][ T5983] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 110.446279][ T5983] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 110.450072][ T5983] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 110.454124][ T5983] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 110.457232][ T5983] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 110.756851][ T5983] usb 7-1: GET_CAPABILITIES returned 0 [ 110.758386][ T5983] usbtmc 7-1:16.0: can't read capabilities [ 110.787047][ T8319] overlayfs: missing 'lowerdir' [ 111.025172][ T36] usb 7-1: USB disconnect, device number 17 [ 111.815577][ T10] usb 7-1: new high-speed USB device number 18 using dummy_hcd [ 112.005616][ T10] usb 7-1: Using ep0 maxpacket: 8 [ 112.030461][ T10] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 112.033577][ T10] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 112.102633][ T10] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 112.125534][ T10] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 112.129819][ T10] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 112.132371][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.431512][ T10] usb 7-1: GET_CAPABILITIES returned 0 [ 112.433038][ T10] usbtmc 7-1:16.0: can't read capabilities [ 112.843904][ T26] usb 7-1: USB disconnect, device number 18 [ 113.129542][ T8355] overlayfs: missing 'lowerdir' [ 113.160068][ T8357] fuse: Unknown parameter './file0' [ 113.165651][ T36] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 113.325537][ T36] usb 5-1: Using ep0 maxpacket: 16 [ 113.329023][ T36] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 113.332196][ T36] usb 5-1: config 0 interface 0 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 113.337044][ T36] usb 5-1: config 0 interface 0 has no altsetting 0 [ 113.341212][ T36] usb 5-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 113.348521][ T36] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 113.351531][ T36] usb 5-1: Product: syz [ 113.355590][ T36] usb 5-1: Manufacturer: syz [ 113.357349][ T36] usb 5-1: SerialNumber: syz [ 113.364534][ T36] usb 5-1: config 0 descriptor?? [ 113.851178][ T36] usb 5-1: USB disconnect, device number 11 [ 114.200389][ T8381] overlayfs: missing 'lowerdir' [ 114.243460][ T8385] fuse: Unknown parameter './file0' [ 114.337286][ T8393] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 114.423274][ T8400] overlayfs: missing 'lowerdir' [ 114.895475][ T5983] usb 7-1: new high-speed USB device number 19 using dummy_hcd [ 115.055480][ T5983] usb 7-1: Using ep0 maxpacket: 8 [ 115.058735][ T5983] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 115.061629][ T5983] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 115.064394][ T5983] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 115.067278][ T5983] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 115.071004][ T5983] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 115.073637][ T5983] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 115.341390][ T5983] usb 7-1: GET_CAPABILITIES returned 0 [ 115.343061][ T5983] usbtmc 7-1:16.0: can't read capabilities [ 115.544412][ T10] usb 7-1: USB disconnect, device number 19 [ 115.735542][ T5983] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 115.905567][ T5983] usb 6-1: Using ep0 maxpacket: 8 [ 115.908887][ T5983] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 115.909098][ T8426] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 115.912078][ T5983] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 115.918079][ T5983] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 115.920717][ T5983] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 115.924075][ T5983] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 115.927019][ T5983] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 115.950185][ T8428] overlayfs: missing 'lowerdir' [ 116.214796][ T5983] usb 6-1: GET_CAPABILITIES returned 0 [ 116.217030][ T5983] usbtmc 6-1:16.0: can't read capabilities [ 116.335667][ T10] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 116.635661][ T10] usb 8-1: Using ep0 maxpacket: 16 [ 116.638655][ T10] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 116.642945][ T10] usb 8-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 116.645814][ T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 116.648084][ T10] usb 8-1: Product: syz [ 116.649280][ T10] usb 8-1: Manufacturer: syz [ 116.650664][ T10] usb 8-1: SerialNumber: syz [ 116.655034][ T10] usb 8-1: config 0 descriptor?? [ 116.658702][ T10] hub 8-1:0.0: bad descriptor, ignoring hub [ 116.659562][ T65] usb 6-1: USB disconnect, device number 6 [ 116.660735][ T10] hub 8-1:0.0: probe with driver hub failed with error -5 [ 116.665732][ T10] input: syz syz as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input15 [ 117.137982][ T8452] fuse: Bad value for 'user_id' [ 117.139417][ T8452] fuse: Bad value for 'user_id' [ 117.225998][ T10] usb 8-1: USB disconnect, device number 6 [ 117.246631][ T65] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 117.405674][ T65] usb 5-1: Using ep0 maxpacket: 16 [ 117.409097][ T65] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 117.413163][ T65] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 117.415996][ T65] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 117.418321][ T65] usb 5-1: Product: syz [ 117.419749][ T65] usb 5-1: Manufacturer: syz [ 117.421053][ T65] usb 5-1: SerialNumber: syz [ 117.424048][ T65] usb 5-1: config 0 descriptor?? [ 117.427809][ T65] hub 5-1:0.0: bad descriptor, ignoring hub [ 117.430283][ T65] hub 5-1:0.0: probe with driver hub failed with error -5 [ 117.434578][ T65] input: syz syz as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input16 [ 117.565227][ T8466] fuse: Bad value for 'group_id' [ 117.566907][ T8466] fuse: Bad value for 'group_id' [ 117.595469][ T36] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 117.765572][ T36] usb 6-1: Using ep0 maxpacket: 8 [ 117.768576][ T36] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 117.771432][ T36] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 117.774349][ T36] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 117.777243][ T36] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 117.780690][ T36] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 117.783073][ T36] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 117.845625][ T26] usb 7-1: new high-speed USB device number 20 using dummy_hcd [ 117.992691][ T36] usb 6-1: GET_CAPABILITIES returned 0 [ 117.994305][ T36] usbtmc 6-1:16.0: can't read capabilities [ 118.085535][ T26] usb 7-1: Using ep0 maxpacket: 16 [ 118.090907][ T26] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 118.101973][ T26] usb 7-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 118.106277][ T26] usb 7-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 118.110964][ T26] usb 7-1: config 0 interface 0 has no altsetting 0 [ 118.119541][ T26] usb 7-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 118.121911][ T26] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 118.124867][ T26] usb 7-1: Product: syz [ 118.126613][ T26] usb 7-1: Manufacturer: syz [ 118.128367][ T26] usb 7-1: SerialNumber: syz [ 118.133773][ T26] usb 7-1: config 0 descriptor?? [ 118.229635][ T36] usb 6-1: USB disconnect, device number 7 [ 119.265487][ T1329] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 119.415543][ T1329] usb 6-1: Using ep0 maxpacket: 16 [ 119.418351][ T1329] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 119.422535][ T1329] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 119.425035][ T1329] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 119.428396][ T1329] usb 6-1: Product: syz [ 119.429648][ T1329] usb 6-1: Manufacturer: syz [ 119.431020][ T1329] usb 6-1: SerialNumber: syz [ 119.433311][ T1329] usb 6-1: config 0 descriptor?? [ 119.436636][ T1329] hub 6-1:0.0: bad descriptor, ignoring hub [ 119.438470][ T1329] hub 6-1:0.0: probe with driver hub failed with error -5 [ 119.441798][ T1329] input: syz syz as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input17 [ 120.074315][ T1329] input: failed to attach handler mousedev to device input17, error: -5 [ 120.086722][ T36] usb 7-1: USB disconnect, device number 20 [ 120.115901][ T1329] usb 6-1: USB disconnect, device number 8 [ 120.167034][ T8505] netlink: 28 bytes leftover after parsing attributes in process `syz.0.907'. [ 120.205656][ T837] usb 5-1: USB disconnect, device number 12 [ 121.715930][ T8536] overlayfs: missing 'lowerdir' [ 123.865626][ T26] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 124.026024][ T26] usb 8-1: Using ep0 maxpacket: 16 [ 124.031638][ T26] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 124.037614][ T26] usb 8-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 124.042627][ T26] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 124.054064][ T26] usb 8-1: Product: syz [ 124.068143][ T26] usb 8-1: Manufacturer: syz [ 124.070616][ T26] usb 8-1: SerialNumber: syz [ 124.078729][ T26] usb 8-1: config 0 descriptor?? [ 124.082864][ T26] hub 8-1:0.0: bad descriptor, ignoring hub [ 124.087771][ T26] hub 8-1:0.0: probe with driver hub failed with error -5 [ 124.094280][ T26] input: syz syz as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input18 [ 124.517253][ T10] usb 8-1: USB disconnect, device number 7 [ 124.985662][ T36] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 125.145580][ T36] usb 6-1: Using ep0 maxpacket: 16 [ 125.185821][ T36] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 125.191558][ T36] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 125.194871][ T36] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 125.197787][ T36] usb 6-1: Product: syz [ 125.198948][ T36] usb 6-1: Manufacturer: syz [ 125.200246][ T36] usb 6-1: SerialNumber: syz [ 125.202770][ T36] usb 6-1: config 0 descriptor?? [ 125.205047][ T36] hub 6-1:0.0: bad descriptor, ignoring hub [ 125.206785][ T36] hub 6-1:0.0: probe with driver hub failed with error -5 [ 125.209836][ T36] input: syz syz as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input19 [ 125.825731][ T1329] usb 6-1: USB disconnect, device number 9 [ 127.600695][ T8657] fuse: Unknown parameter 'grou00000000000000000000' [ 127.642611][ T8659] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 127.649457][ T8659] netlink: 4 bytes leftover after parsing attributes in process `syz.2.959'. [ 127.975502][ T5983] usb 7-1: new high-speed USB device number 21 using dummy_hcd [ 128.125825][ T5983] usb 7-1: Using ep0 maxpacket: 8 [ 128.128974][ T5983] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 128.132247][ T5983] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 128.135099][ T5983] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 128.138957][ T5983] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 128.142595][ T5983] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 128.145111][ T5983] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.396174][ T5983] usb 7-1: GET_CAPABILITIES returned 0 [ 128.397708][ T5983] usbtmc 7-1:16.0: can't read capabilities [ 128.699040][ T26] usb 7-1: USB disconnect, device number 21 [ 129.097543][ T8735] fuse: Unknown parameter 'grou00000000000000000000' [ 129.215840][ T8739] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 129.215840][ T8739] program syz.1.965 not setting count and/or reply_len properly [ 129.253847][ T8742] netlink: 4 bytes leftover after parsing attributes in process `syz.2.969'. [ 129.256539][ T8742] bridge_slave_0: left allmulticast mode [ 129.258192][ T8742] bridge_slave_0: left promiscuous mode [ 129.259854][ T8742] bridge0: port 1(bridge_slave_0) entered disabled state [ 130.321356][ T8767] fuse: Unknown parameter 'group_i00000000000000000000' [ 132.209196][ T1414] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.484366][ T6006] usb 7-1: new high-speed USB device number 22 using dummy_hcd [ 133.656606][ T6006] usb 7-1: Using ep0 maxpacket: 16 [ 133.660342][ T6006] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 133.665815][ T6006] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 133.668554][ T6006] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 133.671785][ T6006] usb 7-1: Product: syz [ 133.673300][ T6006] usb 7-1: Manufacturer: syz [ 133.674782][ T6006] usb 7-1: SerialNumber: syz [ 133.686094][ T6006] usb 7-1: config 0 descriptor?? [ 133.691221][ T6006] hub 7-1:0.0: bad descriptor, ignoring hub [ 133.692931][ T6006] hub 7-1:0.0: probe with driver hub failed with error -5 [ 133.696223][ T6006] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input20 [ 134.120811][ T8828] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 134.120811][ T8828] program syz.0.997 not setting count and/or reply_len properly [ 134.156216][ T65] usb 7-1: USB disconnect, device number 22 [ 136.235506][ T31] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 136.395504][ T31] usb 8-1: Using ep0 maxpacket: 8 [ 136.636921][ T31] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 136.640626][ T31] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 136.643351][ T31] usb 8-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 136.646379][ T31] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 136.649951][ T31] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 136.652469][ T31] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 136.656547][ T31] usbtmc 8-1:16.0: bulk endpoints not found [ 136.707280][ T8868] fuse: Unknown parameter 'group_id00000000000000000000' [ 136.872085][ T10] usb 8-1: USB disconnect, device number 8 [ 139.328365][ T8920] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 139.328365][ T8920] program syz.3.1024 not setting count and/or reply_len properly [ 139.475516][ T65] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 139.541962][ T8921] 9pnet_fd: Insufficient options for proto=fd [ 139.635505][ T65] usb 6-1: Using ep0 maxpacket: 16 [ 139.646501][ T65] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 139.649785][ T65] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid wMaxPacketSize 0 [ 139.652582][ T65] usb 6-1: config 0 interface 0 has no altsetting 0 [ 139.657736][ T65] usb 6-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 139.660381][ T65] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 139.663334][ T65] usb 6-1: Product: syz [ 139.664608][ T65] usb 6-1: Manufacturer: syz [ 139.666741][ T65] usb 6-1: SerialNumber: syz [ 139.673125][ T65] usb 6-1: config 0 descriptor?? [ 140.152685][ T10] usb 6-1: USB disconnect, device number 10 [ 140.161728][ T8932] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 140.164232][ T8932] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 140.965591][ T26] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 141.004413][ T8948] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 141.145524][ T26] usb 6-1: Using ep0 maxpacket: 16 [ 141.152078][ T26] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 141.157121][ T26] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 141.159679][ T26] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 141.162094][ T26] usb 6-1: Product: syz [ 141.163298][ T26] usb 6-1: Manufacturer: syz [ 141.164629][ T26] usb 6-1: SerialNumber: syz [ 141.183656][ T26] usb 6-1: config 0 descriptor?? [ 141.186871][ T26] hub 6-1:0.0: bad descriptor, ignoring hub [ 141.188560][ T26] hub 6-1:0.0: probe with driver hub failed with error -5 [ 141.192070][ T26] input: syz syz as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input21 [ 141.675777][ T26] usb 6-1: USB disconnect, device number 11 [ 142.585505][ T26] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 142.735460][ T26] usb 6-1: Using ep0 maxpacket: 8 [ 142.742758][ T26] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 142.747525][ T26] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 142.750927][ T26] usb 6-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 142.754190][ T26] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 142.758970][ T26] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 142.765117][ T26] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 142.775544][ T26] usbtmc 6-1:16.0: bulk endpoints not found [ 142.986417][ T26] usb 6-1: USB disconnect, device number 12 [ 143.127652][ T8990] fuse: Bad value for 'user_id' [ 143.129085][ T8990] fuse: Bad value for 'user_id' [ 143.845507][ T26] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 143.995456][ T26] usb 6-1: Using ep0 maxpacket: 16 [ 144.006412][ T26] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 144.011449][ T26] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 144.014485][ T26] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 144.020065][ T26] usb 6-1: Product: syz [ 144.021449][ T26] usb 6-1: Manufacturer: syz [ 144.023027][ T26] usb 6-1: SerialNumber: syz [ 144.027286][ T26] usb 6-1: config 0 descriptor?? [ 144.030467][ T26] hub 6-1:0.0: bad descriptor, ignoring hub [ 144.032513][ T26] hub 6-1:0.0: probe with driver hub failed with error -5 [ 144.038756][ T26] input: syz syz as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input22 [ 144.285478][ T65] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 144.438584][ T65] usb 5-1: Using ep0 maxpacket: 16 [ 144.444006][ T65] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 144.445858][ T26] usb 6-1: USB disconnect, device number 13 [ 144.451078][ T65] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 144.453607][ T65] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 144.462837][ T65] usb 5-1: Product: syz [ 144.465180][ T65] usb 5-1: Manufacturer: syz [ 144.466565][ T65] usb 5-1: SerialNumber: syz [ 144.469138][ T65] usb 5-1: config 0 descriptor?? [ 144.471626][ T65] hub 5-1:0.0: bad descriptor, ignoring hub [ 144.473355][ T65] hub 5-1:0.0: probe with driver hub failed with error -5 [ 144.481068][ T65] input: syz syz as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input23 [ 144.849361][ T9012] process 'syz.3.1063' launched '/dev/fd/4' with NULL argv: empty string added [ 144.895917][ T65] usb 5-1: USB disconnect, device number 13 [ 145.048869][ T9017] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 145.048869][ T9017] program syz.2.1060 not setting count and/or reply_len properly [ 145.215758][ T6006] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 145.393694][ T6006] usb 6-1: Using ep0 maxpacket: 8 [ 145.458903][ T6006] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 145.461771][ T6006] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 145.464447][ T6006] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 145.467878][ T6006] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 145.475574][ T6006] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 145.478197][ T6006] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 145.593154][ T9017] 9pnet_fd: Insufficient options for proto=fd [ 145.719226][ T6006] usb 6-1: GET_CAPABILITIES returned 0 [ 145.721146][ T6006] usbtmc 6-1:16.0: can't read capabilities [ 145.949744][ T6006] usb 6-1: USB disconnect, device number 14 [ 149.465499][ T65] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 149.615496][ T65] usb 5-1: Using ep0 maxpacket: 16 [ 149.618431][ T65] usb 5-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 149.621396][ T65] usb 5-1: config 0 interface 0 altsetting 1 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 149.624383][ T65] usb 5-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid wMaxPacketSize 0 [ 149.627862][ T65] usb 5-1: config 0 interface 0 has no altsetting 0 [ 149.631603][ T65] usb 5-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 149.633996][ T65] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 149.636531][ T65] usb 5-1: Product: syz [ 149.637680][ T65] usb 5-1: Manufacturer: syz [ 149.640970][ T65] usb 5-1: SerialNumber: syz [ 149.644624][ T65] usb 5-1: config 0 descriptor?? [ 149.866796][ T65] input: syz syz as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input24 [ 149.872656][ T5344] synaptics_usb 5-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 149.875527][ T5344] synaptics_usb 5-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 149.886073][ T5344] synaptics_usb 5-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 149.889151][ T5344] synaptics_usb 5-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 150.067947][ T65] usb 5-1: USB disconnect, device number 14 [ 151.385660][ T65] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 151.500404][ T9093] fuse: Unknown parameter 'user_id00000000000000000000' [ 151.551485][ T65] usb 5-1: Using ep0 maxpacket: 8 [ 151.559566][ T65] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 151.562441][ T65] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 151.565068][ T65] usb 5-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 151.573404][ T65] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 151.587583][ T65] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 151.590371][ T65] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 151.619242][ T65] usbtmc 5-1:16.0: bulk endpoints not found [ 151.820171][ T5957] Bluetooth: hci2: unexpected event for opcode 0x0411 [ 151.823756][ T1329] usb 5-1: USB disconnect, device number 15 [ 151.915509][ T5983] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 152.065565][ T5983] usb 6-1: Using ep0 maxpacket: 8 [ 152.068930][ T5983] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 152.072753][ T5983] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 152.077671][ T5983] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 152.080481][ T5983] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 152.085048][ T5983] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 152.089864][ T5983] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 152.297415][ T5983] usb 6-1: GET_CAPABILITIES returned 0 [ 152.298896][ T5983] usbtmc 6-1:16.0: can't read capabilities [ 152.503053][ T836] usb 6-1: USB disconnect, device number 15 [ 152.776180][ T9111] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 152.776180][ T9111] program syz.0.1092 not setting count and/or reply_len properly [ 152.964026][ T9112] 9pnet_fd: Insufficient options for proto=fd [ 153.086211][ T9119] fuse: Unknown parameter 'user_id00000000000000000000' [ 153.956270][ T9137] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1100'. [ 154.135477][ T6006] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 154.285534][ T6006] usb 8-1: Using ep0 maxpacket: 8 [ 154.294448][ T6006] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 154.303500][ T6006] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 154.306759][ T6006] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 154.313666][ T6006] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 154.317869][ T6006] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 154.322607][ T6006] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 154.613219][ T6006] usb 8-1: GET_CAPABILITIES returned 0 [ 154.615239][ T6006] usbtmc 8-1:16.0: can't read capabilities [ 154.873761][ T836] usb 8-1: USB disconnect, device number 9 [ 154.946897][ T9142] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 154.946897][ T9142] program syz.1.1102 not setting count and/or reply_len properly [ 155.209484][ T9145] 9pnet_fd: Insufficient options for proto=fd [ 155.232216][ T9148] netlink: 1608 bytes leftover after parsing attributes in process `syz.2.1104'. [ 155.235885][ T9148] netlink: zone id is out of range [ 155.237388][ T9148] netlink: zone id is out of range [ 155.238780][ T9148] netlink: zone id is out of range [ 155.240778][ T9148] netlink: del zone limit has 4 unknown bytes [ 155.321761][ T9148] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1104'. [ 157.319029][ T9187] fuse: Bad value for 'fd' [ 157.380201][ T9190] fuse: Invalid rootmode [ 157.455923][ T65] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 157.605546][ T65] usb 5-1: Using ep0 maxpacket: 8 [ 157.608681][ T65] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 157.611379][ T65] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 157.614115][ T65] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 157.617267][ T65] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 157.624679][ T65] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 157.628005][ T65] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 157.838561][ T65] usb 5-1: GET_CAPABILITIES returned 0 [ 157.840556][ T65] usbtmc 5-1:16.0: can't read capabilities [ 158.147228][ T1329] usb 5-1: USB disconnect, device number 16 [ 158.504914][ T9212] netlink: 1608 bytes leftover after parsing attributes in process `syz.2.1124'. [ 158.514430][ T9212] netlink: zone id is out of range [ 158.517105][ T9212] netlink: zone id is out of range [ 158.518677][ T9212] netlink: zone id is out of range [ 158.522826][ T9212] netlink: del zone limit has 4 unknown bytes [ 158.583845][ T9213] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1124'. [ 158.670712][ T9215] fuse: Unknown parameter '0x0000000000000003' [ 158.713209][ T9217] fuse: Bad value for 'rootmode' [ 158.769961][ T9221] fuse: Unknown parameter '0x0000000000000003' [ 159.431269][ T40] audit: type=1326 audit(1742884987.352:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9226 comm="syz.2.1137" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff8579 code=0x7ffc0000 [ 159.468113][ T40] audit: type=1326 audit(1742884987.352:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9226 comm="syz.2.1137" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7ff8579 code=0x7ffc0000 [ 159.474012][ T40] audit: type=1326 audit(1742884987.352:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9226 comm="syz.2.1137" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff8579 code=0x7ffc0000 [ 159.480236][ T40] audit: type=1326 audit(1742884987.352:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9226 comm="syz.2.1137" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff8579 code=0x7ffc0000 [ 159.488175][ T40] audit: type=1326 audit(1742884987.362:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9226 comm="syz.2.1137" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7ff8579 code=0x7ffc0000 [ 159.494104][ T40] audit: type=1326 audit(1742884987.362:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9226 comm="syz.2.1137" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff8579 code=0x7ffc0000 [ 159.500094][ T40] audit: type=1326 audit(1742884987.362:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9226 comm="syz.2.1137" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff8579 code=0x7ffc0000 [ 159.507723][ T40] audit: type=1326 audit(1742884987.362:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9226 comm="syz.2.1137" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7ff8579 code=0x7ffc0000 [ 159.514125][ T40] audit: type=1326 audit(1742884987.362:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9226 comm="syz.2.1137" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff8579 code=0x7ffc0000 [ 159.520679][ T40] audit: type=1326 audit(1742884987.362:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9226 comm="syz.2.1137" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff8579 code=0x7ffc0000 [ 161.104240][ T9250] netlink: 1608 bytes leftover after parsing attributes in process `syz.3.1134'. [ 161.110898][ T9250] netlink: zone id is out of range [ 161.112569][ T9250] netlink: zone id is out of range [ 161.114102][ T9250] netlink: zone id is out of range [ 161.117406][ T9250] netlink: del zone limit has 4 unknown bytes [ 161.133603][ T9252] fuse: Bad value for 'rootmode' [ 161.236268][ T9250] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1134'. [ 162.250604][ T9265] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 162.250604][ T9265] program syz.3.1140 not setting count and/or reply_len properly [ 163.426606][ T9281] netlink: 1608 bytes leftover after parsing attributes in process `syz.2.1146'. [ 163.430606][ T9281] netlink: zone id is out of range [ 163.432017][ T9281] netlink: zone id is out of range [ 163.433399][ T9281] netlink: zone id is out of range [ 163.435337][ T9281] netlink: del zone limit has 4 unknown bytes [ 163.440178][ T9281] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1146'. [ 163.509536][ T9285] fuse: Bad value for 'rootmode' [ 164.148390][ T9309] fuse: Unknown parameter 'use00000000000000000000' [ 164.185572][ T9] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 164.365901][ T9] usb 8-1: Using ep0 maxpacket: 8 [ 164.369918][ T9] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 164.375359][ T9] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 164.382194][ T9] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 164.387456][ T9] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 164.394034][ T9] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 164.406872][ T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 164.699826][ T9317] fuse: Unknown parameter '0x0000000000000003' [ 164.831344][ T9] usb 8-1: usb_control_msg returned -71 [ 164.832965][ T9] usbtmc 8-1:16.0: can't read capabilities [ 164.839334][ T9] usb 8-1: USB disconnect, device number 10 [ 164.904724][ T40] kauditd_printk_skb: 9 callbacks suppressed [ 164.904734][ T40] audit: type=1326 audit(1742884992.822:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9313 comm="syz.1.1159" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 164.913619][ T40] audit: type=1326 audit(1742884992.822:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9313 comm="syz.1.1159" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 164.923214][ T40] audit: type=1326 audit(1742884992.842:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9313 comm="syz.1.1159" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 164.930026][ T40] audit: type=1326 audit(1742884992.842:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9313 comm="syz.1.1159" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 164.936338][ T40] audit: type=1326 audit(1742884992.842:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9313 comm="syz.1.1159" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 164.942183][ T40] audit: type=1326 audit(1742884992.842:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9313 comm="syz.1.1159" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 164.948365][ T40] audit: type=1326 audit(1742884992.842:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9313 comm="syz.1.1159" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 164.954277][ T40] audit: type=1326 audit(1742884992.842:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9313 comm="syz.1.1159" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 164.960310][ T40] audit: type=1326 audit(1742884992.842:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9313 comm="syz.1.1159" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 164.967083][ T40] audit: type=1326 audit(1742884992.842:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9313 comm="syz.1.1159" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 165.358196][ T9336] fuse: Unknown parameter 'use00000000000000000000' [ 165.390618][ T9341] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1168'. [ 165.434959][ T9343] fuse: Unknown parameter 'fd0x0000000000000003' [ 165.625517][ T836] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 165.805750][ T836] usb 8-1: Using ep0 maxpacket: 8 [ 166.257440][ T836] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 166.694043][ T836] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 166.696912][ T836] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 166.699620][ T836] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 166.703233][ T836] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 166.705883][ T836] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 166.954011][ T836] usb 8-1: GET_CAPABILITIES returned 0 [ 166.955719][ T836] usbtmc 8-1:16.0: can't read capabilities [ 167.120334][ T65] usb 8-1: USB disconnect, device number 11 [ 168.000724][ T9365] fuse: Unknown parameter 'use00000000000000000000' [ 168.194904][ T9375] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 168.194904][ T9375] program syz.3.1174 not setting count and/or reply_len properly [ 168.388300][ T9376] 9pnet_fd: Insufficient options for proto=fd [ 170.125657][ T5955] Bluetooth: hci1: command 0x0406 tx timeout [ 170.560916][ T9400] fuse: Unknown parameter 'user_i00000000000000000000' [ 171.055480][ T836] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 171.215495][ T836] usb 5-1: Using ep0 maxpacket: 8 [ 171.218750][ T836] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 171.221465][ T836] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 171.224162][ T836] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 171.228138][ T836] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 171.232127][ T836] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 171.234941][ T836] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 171.447062][ T836] usb 5-1: GET_CAPABILITIES returned 0 [ 171.448630][ T836] usbtmc 5-1:16.0: can't read capabilities [ 172.158273][ T9427] fuse: Unknown parameter 'user_i00000000000000000000' [ 172.322846][ T836] usb 5-1: USB disconnect, device number 17 [ 172.891740][ T9448] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 172.891740][ T9448] program syz.0.1201 not setting count and/or reply_len properly [ 173.174374][ T9451] netlink: 1608 bytes leftover after parsing attributes in process `syz.2.1202'. [ 173.181055][ T9451] netlink: zone id is out of range [ 173.182760][ T9451] netlink: zone id is out of range [ 173.192597][ T9451] netlink: zone id is out of range [ 173.194612][ T9451] netlink: del zone limit has 4 unknown bytes [ 173.238824][ T9448] 9pnet_fd: Insufficient options for proto=fd [ 173.259892][ T9451] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1202'. [ 173.301388][ T9455] fuse: Unknown parameter 'user_i00000000000000000000' [ 177.256385][ T40] kauditd_printk_skb: 10 callbacks suppressed [ 177.256397][ T40] audit: type=1400 audit(1742885005.182:41): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=9508 comm="syz.2.1216" [ 177.675630][ T59] usb 7-1: new high-speed USB device number 23 using dummy_hcd [ 177.835548][ T59] usb 7-1: Using ep0 maxpacket: 16 [ 177.839114][ T59] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 177.844428][ T59] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 177.851136][ T59] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 177.853998][ T59] usb 7-1: Product: syz [ 177.855818][ T59] usb 7-1: Manufacturer: syz [ 177.857459][ T59] usb 7-1: SerialNumber: syz [ 177.861248][ T59] usb 7-1: config 0 descriptor?? [ 177.864887][ T59] hub 7-1:0.0: bad descriptor, ignoring hub [ 177.869645][ T59] hub 7-1:0.0: probe with driver hub failed with error -5 [ 177.876666][ T59] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input25 [ 178.129830][ T9537] netlink: 1608 bytes leftover after parsing attributes in process `syz.1.1224'. [ 178.133100][ T9537] netlink: zone id is out of range [ 178.134603][ T9537] netlink: zone id is out of range [ 178.136703][ T9537] netlink: zone id is out of range [ 178.138758][ T9537] netlink: del zone limit has 4 unknown bytes [ 178.214854][ T9537] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1224'. [ 178.796850][ T9549] tipc: Started in network mode [ 178.798488][ T9549] tipc: Node identity ac14140f, cluster identity 4711 [ 178.803840][ T9549] tipc: New replicast peer: 255.255.255.255 [ 178.811074][ T9549] tipc: Enabled bearer , priority 10 [ 179.826635][ T9371] tipc: Node number set to 2886997007 [ 180.278029][ T40] audit: type=1326 audit(1742885008.152:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9570 comm="syz.0.1237" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff0579 code=0x7ffc0000 [ 180.308532][ T40] audit: type=1326 audit(1742885008.152:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9570 comm="syz.0.1237" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7ff0579 code=0x7ffc0000 [ 180.314375][ T40] audit: type=1326 audit(1742885008.152:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9570 comm="syz.0.1237" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff0579 code=0x7ffc0000 [ 180.327884][ T40] audit: type=1326 audit(1742885008.152:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9570 comm="syz.0.1237" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7ff0579 code=0x7ffc0000 [ 180.344567][ T40] audit: type=1326 audit(1742885008.152:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9570 comm="syz.0.1237" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff0579 code=0x7ffc0000 [ 180.359941][ T40] audit: type=1326 audit(1742885008.152:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9570 comm="syz.0.1237" exe="/syz-executor" sig=0 arch=40000003 syscall=434 compat=1 ip=0xf7ff0579 code=0x7ffc0000 [ 180.367513][ T40] audit: type=1326 audit(1742885008.152:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9570 comm="syz.0.1237" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff0579 code=0x7ffc0000 [ 180.373426][ T40] audit: type=1326 audit(1742885008.152:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9570 comm="syz.0.1237" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff0579 code=0x7ffc0000 [ 180.380874][ T40] audit: type=1326 audit(1742885008.152:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9570 comm="syz.0.1237" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf7ff0579 code=0x7ffc0000 [ 180.540825][ T9586] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 180.540825][ T9586] program syz.1.1241 not setting count and/or reply_len properly [ 180.608099][ T9587] 9pnet_fd: Insufficient options for proto=fd [ 181.805612][ T59] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 181.848780][ T26] usb 7-1: USB disconnect, device number 23 [ 181.975542][ T59] usb 8-1: Using ep0 maxpacket: 16 [ 181.979111][ T59] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 181.990676][ T59] usb 8-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 181.993758][ T59] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 181.997409][ T59] usb 8-1: Product: syz [ 181.999168][ T59] usb 8-1: Manufacturer: syz [ 182.001250][ T59] usb 8-1: SerialNumber: syz [ 182.009886][ T59] usb 8-1: config 0 descriptor?? [ 182.014352][ T59] hub 8-1:0.0: bad descriptor, ignoring hub [ 182.017020][ T59] hub 8-1:0.0: probe with driver hub failed with error -5 [ 182.020509][ T59] input: syz syz as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input26 [ 182.490740][ T26] usb 8-1: USB disconnect, device number 12 [ 182.620545][ T9620] tipc: Started in network mode [ 182.621937][ T9620] tipc: Node identity ac14140f, cluster identity 4711 [ 182.623842][ T9620] tipc: New replicast peer: 255.255.255.255 [ 182.625825][ T9620] tipc: Enabled bearer , priority 10 [ 183.745512][ T1329] tipc: Node number set to 2886997007 [ 184.961920][ T9644] netlink: 1608 bytes leftover after parsing attributes in process `syz.1.1260'. [ 184.966659][ T9644] netlink: zone id is out of range [ 184.968644][ T9644] netlink: zone id is out of range [ 184.970585][ T9644] netlink: zone id is out of range [ 184.973575][ T9644] netlink: del zone limit has 4 unknown bytes [ 185.061511][ T9644] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1260'. [ 185.302131][ T9656] vlan0: entered promiscuous mode [ 185.309338][ T9656] team0: Port device vlan0 added [ 185.677803][ T9669] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 185.677803][ T9669] program syz.3.1265 not setting count and/or reply_len properly [ 185.753559][ T9674] 9pnet_fd: Insufficient options for proto=fd [ 185.925507][ T65] usb 7-1: new high-speed USB device number 24 using dummy_hcd [ 186.096023][ T65] usb 7-1: Using ep0 maxpacket: 16 [ 186.098609][ T65] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 186.103931][ T65] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 186.115579][ T65] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 186.118050][ T65] usb 7-1: Product: syz [ 186.119246][ T65] usb 7-1: Manufacturer: syz [ 186.120907][ T65] usb 7-1: SerialNumber: syz [ 186.124801][ T65] usb 7-1: config 0 descriptor?? [ 186.131400][ T65] hub 7-1:0.0: bad descriptor, ignoring hub [ 186.133015][ T65] hub 7-1:0.0: probe with driver hub failed with error -5 [ 186.136590][ T65] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input27 [ 186.575791][ T65] usb 7-1: USB disconnect, device number 24 [ 187.704547][ T9713] fuse: Unknown parameter '0x0000000000000003' [ 189.081610][ T9741] fuse: Unknown parameter 'fd0x0000000000000003' [ 190.707381][ T9769] fuse: Unknown parameter 'fd0x0000000000000003' [ 191.257327][ T9779] 9pnet_fd: Insufficient options for proto=fd [ 192.461747][ T9783] 9pnet_fd: Insufficient options for proto=fd [ 192.605855][ T9797] capability: warning: `syz.0.1318' uses deprecated v2 capabilities in a way that may be insecure [ 193.470024][ T9818] sch_tbf: burst 0 is lower than device lo mtu (18) ! [ 193.618166][ T9822] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1320'. [ 193.654177][ T1414] ieee802154 phy1 wpan1: encryption failed: -22 [ 193.701295][ T9822] team0 (unregistering): Port device team_slave_0 removed [ 193.708216][ T9822] team0 (unregistering): Port device team_slave_1 removed [ 193.804581][ T9823] 9pnet_fd: Insufficient options for proto=fd [ 194.485476][ T8727] Bluetooth: hci4: Frame reassembly failed (-84) [ 195.036211][ T9853] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1331'. [ 195.180509][ T9853] team0 (unregistering): Port device team_slave_0 removed [ 195.186088][ T9853] team0 (unregistering): Port device team_slave_1 removed [ 195.190885][ T9853] team0 (unregistering): Port device vlan0 removed [ 195.655600][ T59] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 195.815448][ T59] usb 6-1: Using ep0 maxpacket: 8 [ 195.818005][ T59] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 195.820698][ T59] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 195.823547][ T59] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 195.826487][ T59] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 195.830141][ T59] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 195.832666][ T59] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 196.038342][ T59] usb 6-1: GET_CAPABILITIES returned 0 [ 196.039924][ T59] usbtmc 6-1:16.0: can't read capabilities [ 196.255779][ T9018] usb 6-1: USB disconnect, device number 16 [ 196.526519][ T5955] Bluetooth: hci4: command 0x1003 tx timeout [ 196.526567][ T5957] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 196.532437][ T9866] 9pnet_fd: Insufficient options for proto=fd [ 198.868603][ T9940] 9pnet_fd: Insufficient options for proto=fd [ 200.205261][ T9965] netlink: 1608 bytes leftover after parsing attributes in process `syz.0.1369'. [ 200.208586][ T9965] netlink: zone id is out of range [ 200.210068][ T9965] netlink: zone id is out of range [ 200.211504][ T9965] netlink: zone id is out of range [ 200.213497][ T9965] netlink: del zone limit has 4 unknown bytes [ 200.270734][ T9965] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1369'. [ 200.854285][ T5955] Bluetooth: hci2: command 0x0405 tx timeout [ 201.799189][T10001] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 201.799189][T10001] program syz.1.1375 not setting count and/or reply_len properly [ 202.108241][T10004] 9pnet_fd: Insufficient options for proto=fd [ 202.433751][T10008] netlink: 1608 bytes leftover after parsing attributes in process `syz.3.1381'. [ 202.442451][T10008] netlink: zone id is out of range [ 202.444038][T10008] netlink: zone id is out of range [ 202.445920][T10008] netlink: zone id is out of range [ 202.447952][T10008] netlink: del zone limit has 4 unknown bytes [ 202.536496][T10011] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1381'. [ 202.669191][T10016] fuse: Bad value for 'fd' [ 203.118847][T10028] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1387'. [ 203.690342][T10046] fuse: Bad value for 'fd' [ 203.807931][T10048] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 203.807931][T10048] program syz.2.1391 not setting count and/or reply_len properly [ 203.835319][T10052] netlink: 1608 bytes leftover after parsing attributes in process `syz.0.1394'. [ 203.844465][T10052] netlink: zone id is out of range [ 203.846021][T10052] netlink: zone id is out of range [ 204.006690][T10052] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1394'. [ 204.089003][T10055] 9pnet_fd: Insufficient options for proto=fd [ 204.241838][T10061] netlink: 1608 bytes leftover after parsing attributes in process `syz.0.1398'. [ 204.308090][T10062] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1398'. [ 205.548239][T10085] 9pnet_fd: Insufficient options for proto=fd [ 206.773587][T10105] fuse: Bad value for 'fd' [ 207.378860][T10121] fuse: Bad value for 'rootmode' [ 208.266101][T10137] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 208.266101][T10137] program syz.1.1422 not setting count and/or reply_len properly [ 208.438451][T10138] 9pnet_fd: Insufficient options for proto=fd [ 208.485319][T10143] netlink: 1608 bytes leftover after parsing attributes in process `syz.3.1423'. [ 208.493574][T10143] net_ratelimit: 3 callbacks suppressed [ 208.493587][T10143] netlink: del zone limit has 4 unknown bytes [ 208.576959][T10143] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1423'. [ 208.622567][T10145] fuse: Unknown parameter 'user_id00000000000000000000' [ 209.967561][T10167] 9pnet_fd: Insufficient options for proto=fd [ 210.241724][ T6006] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 210.415583][ T6006] usb 6-1: Using ep0 maxpacket: 16 [ 210.421206][ T6006] usb 6-1: config 0 has no interfaces? [ 210.428350][ T6006] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 210.431582][ T6006] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 210.434970][ T6006] usb 6-1: Product: syz [ 210.441219][ T6006] usb 6-1: Manufacturer: syz [ 210.445339][ T6006] usb 6-1: SerialNumber: syz [ 210.449907][ T6006] usb 6-1: config 0 descriptor?? [ 210.459302][T10179] fuse: Unknown parameter '0x0000000000000004' [ 210.736969][ T6006] usb 6-1: USB disconnect, device number 17 [ 211.278729][T10195] netlink: 1608 bytes leftover after parsing attributes in process `syz.2.1438'. [ 211.281895][T10195] netlink: zone id is out of range [ 211.283460][T10195] netlink: zone id is out of range [ 211.285183][T10195] netlink: zone id is out of range [ 211.287959][T10195] netlink: del zone limit has 4 unknown bytes [ 211.380611][T10195] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1438'. [ 213.187394][T10228] fuse: Bad value for 'fd' [ 213.470873][T10236] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 213.470873][T10236] program syz.1.1447 not setting count and/or reply_len properly [ 213.702016][T10239] 9pnet_fd: Insufficient options for proto=fd [ 214.995467][T10264] fuse: Bad value for 'fd' [ 215.325467][ T5957] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 215.325701][ T5955] Bluetooth: hci4: command 0x1003 tx timeout [ 215.960676][T10291] netlink: 1608 bytes leftover after parsing attributes in process `syz.3.1465'. [ 215.964417][T10291] netlink: zone id is out of range [ 215.969342][T10291] netlink: zone id is out of range [ 215.973584][T10291] netlink: zone id is out of range [ 215.980191][T10291] netlink: del zone limit has 4 unknown bytes [ 216.083473][T10291] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1465'. [ 216.682076][T10300] 9pnet_fd: Insufficient options for proto=fd [ 217.191904][T10314] netlink: 1608 bytes leftover after parsing attributes in process `syz.0.1474'. [ 217.195239][T10314] netlink: zone id is out of range [ 217.197538][T10314] netlink: zone id is out of range [ 217.199447][T10314] netlink: zone id is out of range [ 217.201703][T10314] netlink: del zone limit has 4 unknown bytes [ 217.278611][T10314] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1474'. [ 220.249171][T10360] netlink: 1608 bytes leftover after parsing attributes in process `syz.2.1486'. [ 220.255058][T10360] netlink: zone id is out of range [ 220.257189][T10360] netlink: zone id is out of range [ 220.304255][T10363] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 220.304255][T10363] program syz.1.1483 not setting count and/or reply_len properly [ 220.346745][T10366] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1486'. [ 220.949036][T10376] 9pnet_fd: Insufficient options for proto=fd [ 221.261894][T10385] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1492'. [ 223.841543][T10429] net_ratelimit: 2 callbacks suppressed [ 223.841553][T10429] netlink: zone id is out of range [ 223.844594][T10429] netlink: zone id is out of range [ 223.846199][T10429] netlink: zone id is out of range [ 223.848230][T10429] netlink: del zone limit has 4 unknown bytes [ 223.950704][T10429] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1503'. [ 225.403432][T10447] 9pnet_fd: Insufficient options for proto=fd [ 226.505552][ T31] usb 7-1: new high-speed USB device number 25 using dummy_hcd [ 226.665615][ T31] usb 7-1: Using ep0 maxpacket: 16 [ 226.669887][ T31] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 226.674869][ T31] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 226.677586][ T31] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 226.679866][ T31] usb 7-1: Product: syz [ 226.681036][ T31] usb 7-1: Manufacturer: syz [ 226.682345][ T31] usb 7-1: SerialNumber: syz [ 226.684480][ T31] usb 7-1: config 0 descriptor?? [ 226.686918][ T31] hub 7-1:0.0: bad descriptor, ignoring hub [ 226.688669][ T31] hub 7-1:0.0: probe with driver hub failed with error -5 [ 226.871289][T10481] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1521'. [ 227.075740][ T836] usb 7-1: USB disconnect, device number 25 [ 227.244531][T10495] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1524'. [ 228.654176][T10516] 9pnet_fd: Insufficient options for proto=fd [ 230.404463][T10562] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1541'. [ 230.608440][T10568] netlink: zone id is out of range [ 230.609995][T10568] netlink: zone id is out of range [ 230.611569][T10568] netlink: zone id is out of range [ 230.613665][T10568] netlink: del zone limit has 4 unknown bytes [ 230.785818][T10568] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1543'. [ 233.104243][T10623] 9pnet_fd: Insufficient options for proto=fd [ 233.215479][ T6006] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 233.276661][T10631] fuse: Bad value for 'fd' [ 233.375479][ T6006] usb 6-1: Using ep0 maxpacket: 16 [ 233.378449][ T6006] usb 6-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 233.383427][ T6006] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 233.389884][ T6006] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 233.392960][ T6006] usb 6-1: Product: syz [ 233.395611][ T6006] usb 6-1: Manufacturer: syz [ 233.397536][ T6006] usb 6-1: SerialNumber: syz [ 233.400359][ T6006] usb 6-1: config 0 descriptor?? [ 233.403469][ T6006] hub 6-1:0.0: bad descriptor, ignoring hub [ 233.406023][ T6006] hub 6-1:0.0: probe with driver hub failed with error -5 [ 233.775582][ T10] usb 6-1: USB disconnect, device number 18 [ 234.078917][T10650] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 234.078917][T10650] program syz.2.1568 not setting count and/or reply_len properly [ 234.300260][T10651] 9pnet_fd: Insufficient options for proto=fd [ 234.428187][T10661] fuse: Bad value for 'fd' [ 235.688127][T10689] fuse: Bad value for 'fd' [ 237.400455][T10716] 9pnet_fd: Insufficient options for proto=fd [ 238.044758][T10725] fuse: Bad value for 'fd' [ 238.081099][T10728] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1592'. [ 238.325566][ T9018] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 238.475492][ T9018] usb 6-1: Using ep0 maxpacket: 8 [ 238.486560][ T9018] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 238.490157][ T9018] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 238.493658][ T9018] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 238.496910][ T9018] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 238.500457][ T9018] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 238.503033][ T9018] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 238.708533][ T9018] usb 6-1: GET_CAPABILITIES returned 0 [ 238.710307][ T9018] usbtmc 6-1:16.0: can't read capabilities [ 238.915263][ T10] usb 6-1: USB disconnect, device number 19 [ 240.495702][T10769] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1604'. [ 240.721109][T10778] fuse: Bad value for 'fd' [ 240.884208][T10775] 9pnet_fd: Insufficient options for proto=fd [ 242.265221][T10813] fuse: Bad value for 'fd' [ 242.329948][T10815] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1617'. [ 243.120679][T10827] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 243.120679][T10827] program syz.1.1618 not setting count and/or reply_len properly [ 243.209644][T10823] 9pnet_fd: Insufficient options for proto=fd [ 244.198591][T10837] 9pnet_fd: Insufficient options for proto=fd [ 244.725551][ T10] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 244.940011][T10859] fuse: Bad value for 'fd' [ 244.959796][ T10] usb 6-1: Using ep0 maxpacket: 16 [ 244.980392][ T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 244.995107][ T10] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 244.997860][ T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 245.000122][ T10] usb 6-1: Product: syz [ 245.001319][ T10] usb 6-1: Manufacturer: syz [ 245.002767][ T10] usb 6-1: SerialNumber: syz [ 245.015113][ T10] usb 6-1: config 0 descriptor?? [ 245.030094][ T10] hub 6-1:0.0: bad descriptor, ignoring hub [ 245.034447][ T10] hub 6-1:0.0: probe with driver hub failed with error -5 [ 245.044393][ T10] input: syz syz as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input28 [ 245.415704][ T26] usb 6-1: USB disconnect, device number 20 [ 247.672420][T10903] netlink: 1608 bytes leftover after parsing attributes in process `syz.0.1638'. [ 247.734896][T10904] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1638'. [ 248.316452][T10910] 9pnet_fd: Insufficient options for proto=fd [ 248.670493][T10918] 9pnet_fd: Insufficient options for proto=fd [ 249.872402][T10944] netlink: 1608 bytes leftover after parsing attributes in process `syz.3.1650'. [ 249.950038][T10944] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1650'. [ 249.984324][T10946] netlink: 1608 bytes leftover after parsing attributes in process `syz.1.1651'. [ 249.988240][T10946] netlink: zone id is out of range [ 249.990213][T10946] netlink: zone id is out of range [ 249.991768][T10946] netlink: zone id is out of range [ 249.994287][T10946] netlink: del zone limit has 4 unknown bytes [ 250.051225][T10950] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1651'. [ 250.867374][T10962] fuse: Bad value for 'fd' [ 251.907030][T10979] fuse: Bad value for 'fd' [ 252.031646][T10984] fuse: Unknown parameter '' [ 252.321095][T10986] 9pnet_fd: Insufficient options for proto=fd [ 252.615556][ T26] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 252.785500][ T26] usb 6-1: Using ep0 maxpacket: 16 [ 252.788803][ T26] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 252.794068][ T26] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 252.797646][ T26] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 252.800477][ T26] usb 6-1: Product: syz [ 252.802035][ T26] usb 6-1: Manufacturer: syz [ 252.803803][ T26] usb 6-1: SerialNumber: syz [ 252.807026][ T26] usb 6-1: config 0 descriptor?? [ 252.810161][ T26] hub 6-1:0.0: bad descriptor, ignoring hub [ 252.812334][ T26] hub 6-1:0.0: probe with driver hub failed with error -5 [ 252.816439][ T26] input: syz syz as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input29 [ 252.932709][T11001] fuse: Bad value for 'fd' [ 253.563453][ T9371] usb 6-1: USB disconnect, device number 21 [ 254.164867][T11012] fuse: Bad value for 'fd' [ 254.785136][T11021] netlink: 1608 bytes leftover after parsing attributes in process `syz.3.1674'. [ 254.789078][T11021] netlink: zone id is out of range [ 254.790568][T11021] netlink: zone id is out of range [ 254.792008][T11021] netlink: zone id is out of range [ 254.794094][T11021] netlink: del zone limit has 4 unknown bytes [ 254.884084][T11021] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1674'. [ 254.924496][T11024] macsec0: entered promiscuous mode [ 254.926255][T11024] macsec0: entered allmulticast mode [ 254.927683][T11024] veth1_macvtap: entered allmulticast mode [ 255.094290][ T1414] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.451797][T11037] macsec0: entered promiscuous mode [ 255.453285][T11037] macsec0: entered allmulticast mode [ 255.454734][T11037] veth1_macvtap: entered allmulticast mode [ 255.862045][T11043] fuse: Bad value for 'group_id' [ 255.863925][T11043] fuse: Bad value for 'group_id' [ 255.875502][ T31] usb 7-1: new high-speed USB device number 26 using dummy_hcd [ 256.045577][ T31] usb 7-1: Using ep0 maxpacket: 16 [ 256.051880][ T31] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 256.056705][ T31] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 256.059721][ T31] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 256.061915][ T31] usb 7-1: Product: syz [ 256.063116][ T31] usb 7-1: Manufacturer: syz [ 256.064440][ T31] usb 7-1: SerialNumber: syz [ 256.066935][ T31] usb 7-1: config 0 descriptor?? [ 256.069118][ T31] hub 7-1:0.0: bad descriptor, ignoring hub [ 256.070856][ T31] hub 7-1:0.0: probe with driver hub failed with error -5 [ 256.073660][ T31] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input30 [ 256.426397][ T10] usb 7-1: USB disconnect, device number 26 [ 257.438708][T11061] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 257.438708][T11061] program syz.2.1688 not setting count and/or reply_len properly [ 257.596213][T11061] 9pnet_fd: Insufficient options for proto=fd [ 257.913371][T11067] netlink: 1608 bytes leftover after parsing attributes in process `syz.0.1689'. [ 257.918059][T11067] netlink: zone id is out of range [ 257.921133][T11067] netlink: zone id is out of range [ 257.922678][T11067] netlink: zone id is out of range [ 257.924757][T11067] netlink: del zone limit has 4 unknown bytes [ 257.980327][T11070] netlink: 1608 bytes leftover after parsing attributes in process `syz.2.1691'. [ 257.983418][T11070] netlink: zone id is out of range [ 257.984865][T11070] netlink: zone id is out of range [ 257.986788][T11072] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1689'. [ 257.989578][T11070] netlink: zone id is out of range [ 257.991517][T11070] netlink: del zone limit has 4 unknown bytes [ 258.175234][T11070] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1691'. [ 259.335175][T11110] netlink: 1608 bytes leftover after parsing attributes in process `syz.3.1703'. [ 259.338450][T11110] netlink: zone id is out of range [ 259.340040][T11110] netlink: zone id is out of range [ 259.343347][T11110] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1703'. [ 259.419594][T11110] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1703'. [ 259.763232][T11120] gtp0: entered promiscuous mode [ 259.764665][T11120] gtp0: entered allmulticast mode [ 261.622733][T11146] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 261.622733][T11146] program syz.1.1710 not setting count and/or reply_len properly [ 262.085731][T11155] 9pnet_fd: Insufficient options for proto=fd [ 263.437474][ T9018] usb 7-1: new high-speed USB device number 27 using dummy_hcd [ 263.460751][T11196] netlink: 1608 bytes leftover after parsing attributes in process `syz.3.1725'. [ 263.464095][T11196] net_ratelimit: 2 callbacks suppressed [ 263.464107][T11196] netlink: zone id is out of range [ 263.468447][T11196] netlink: zone id is out of range [ 263.471509][T11196] netlink: zone id is out of range [ 263.473654][T11196] netlink: del zone limit has 4 unknown bytes [ 263.483423][T11196] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1725'. [ 263.547929][T11196] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1725'. [ 263.672910][ T9018] usb 7-1: Using ep0 maxpacket: 8 [ 263.677269][ T9018] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 263.679958][ T9018] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 263.682625][ T9018] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 263.685309][ T9018] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 263.689689][ T9018] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 263.692033][ T9018] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 263.899132][ T9018] usb 7-1: GET_CAPABILITIES returned 0 [ 263.900706][ T9018] usbtmc 7-1:16.0: can't read capabilities [ 263.910306][T11205] macsec0: entered promiscuous mode [ 263.911895][T11205] macsec0: entered allmulticast mode [ 263.913385][T11205] veth1_macvtap: entered allmulticast mode [ 264.105144][ T9018] usb 7-1: USB disconnect, device number 27 [ 264.722727][T11216] gtp1: entered promiscuous mode [ 264.724008][T11216] gtp1: entered allmulticast mode [ 264.897318][ T26] usb 7-1: new high-speed USB device number 28 using dummy_hcd [ 265.085531][ T26] usb 7-1: Using ep0 maxpacket: 16 [ 265.097732][ T26] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 265.108975][ T26] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 265.111482][ T26] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 265.113666][ T26] usb 7-1: Product: syz [ 265.114856][ T26] usb 7-1: Manufacturer: syz [ 265.120563][ T26] usb 7-1: SerialNumber: syz [ 265.120736][T11220] gtp1: entered promiscuous mode [ 265.122721][ T26] usb 7-1: config 0 descriptor?? [ 265.125662][ T26] hub 7-1:0.0: bad descriptor, ignoring hub [ 265.126374][T11220] gtp1: entered allmulticast mode [ 265.127417][ T26] hub 7-1:0.0: probe with driver hub failed with error -5 [ 265.137460][ T26] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input31 [ 265.486607][ T9018] usb 7-1: USB disconnect, device number 28 [ 267.396189][T11256] fuse: Bad value for 'fd' [ 267.658583][T11264] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 267.658583][T11264] program syz.2.1740 not setting count and/or reply_len properly [ 268.018433][T11267] 9pnet_fd: Insufficient options for proto=fd [ 268.834403][T11271] gtp2: entered promiscuous mode [ 268.835941][T11271] gtp2: entered allmulticast mode [ 268.843805][T11285] fuse: Unknown parameter 'grou00000000000000000000' [ 268.911497][T11287] fuse: Bad value for 'fd' [ 269.177192][T11292] gtp0: entered promiscuous mode [ 269.178666][T11292] gtp0: entered allmulticast mode [ 269.507146][T11296] macsec0: entered promiscuous mode [ 269.508875][T11296] macsec0: entered allmulticast mode [ 269.510542][T11296] veth1_macvtap: entered allmulticast mode [ 270.136819][T11309] gtp1: entered promiscuous mode [ 270.138333][T11309] gtp1: entered allmulticast mode [ 272.274033][T11346] netlink: 1608 bytes leftover after parsing attributes in process `syz.3.1768'. [ 272.277415][T11346] netlink: zone id is out of range [ 272.278911][T11346] netlink: zone id is out of range [ 272.280394][T11346] netlink: zone id is out of range [ 272.282434][T11346] netlink: del zone limit has 4 unknown bytes [ 272.326105][T11347] fuse: Unknown parameter 'group_i00000000000000000000' [ 272.350377][T11346] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1768'. [ 272.352692][T11348] gtp3: entered promiscuous mode [ 272.355071][T11348] gtp3: entered allmulticast mode [ 274.041611][T11380] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1777'. [ 274.204781][T11388] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1780'. [ 274.357786][T11392] fuse: Unknown parameter 'group_i00000000000000000000' [ 275.178597][T11410] gtp1: entered promiscuous mode [ 275.180059][T11410] gtp1: entered allmulticast mode [ 275.945807][ T59] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 276.060456][T11425] netlink: 1608 bytes leftover after parsing attributes in process `syz.0.1791'. [ 276.063653][T11425] netlink: zone id is out of range [ 276.065132][T11425] netlink: zone id is out of range [ 276.066904][T11425] netlink: zone id is out of range [ 276.068998][T11425] netlink: del zone limit has 4 unknown bytes [ 276.080063][T11423] 9pnet_fd: Insufficient options for proto=fd [ 276.105475][ T59] usb 6-1: Using ep0 maxpacket: 16 [ 276.108156][ T59] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 276.112253][ T59] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 276.115070][ T59] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 276.121676][ T59] usb 6-1: Product: syz [ 276.123356][ T59] usb 6-1: Manufacturer: syz [ 276.125155][ T59] usb 6-1: SerialNumber: syz [ 276.128816][ T59] usb 6-1: config 0 descriptor?? [ 276.131155][ T59] hub 6-1:0.0: bad descriptor, ignoring hub [ 276.132216][T11425] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1791'. [ 276.132982][ T59] hub 6-1:0.0: probe with driver hub failed with error -5 [ 276.143510][ T59] input: syz syz as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input32 [ 276.505980][ T9371] usb 6-1: USB disconnect, device number 22 [ 277.518701][T11445] fuse: Bad value for 'fd' [ 277.704304][T11448] gtp4: entered promiscuous mode [ 277.705817][T11448] gtp4: entered allmulticast mode [ 278.619297][T11464] netlink: 1608 bytes leftover after parsing attributes in process `syz.0.1804'. [ 278.623467][T11464] netlink: zone id is out of range [ 278.625485][T11464] netlink: zone id is out of range [ 278.627446][T11464] netlink: zone id is out of range [ 278.630333][T11464] netlink: del zone limit has 4 unknown bytes [ 278.709066][T11464] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1804'. [ 279.678834][T11483] 9pnet_fd: Insufficient options for proto=fd [ 279.894161][T11497] fuse: Bad value for 'user_id' [ 279.895778][T11497] fuse: Bad value for 'user_id' [ 279.995518][ T9371] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 280.165549][ T9371] usb 6-1: Using ep0 maxpacket: 8 [ 280.196729][ T9371] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 280.200262][ T9371] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 280.206946][ T9371] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 280.210541][ T9371] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 280.215258][ T9371] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 280.221051][ T9371] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 280.437447][ T9371] usb 6-1: GET_CAPABILITIES returned 0 [ 280.444570][ T9371] usbtmc 6-1:16.0: can't read capabilities [ 280.648694][ T31] usb 6-1: USB disconnect, device number 23 [ 281.628678][T11536] gtp2: entered promiscuous mode [ 281.637069][T11536] gtp2: entered allmulticast mode [ 281.792273][T11541] fuse: Invalid rootmode [ 283.503394][T11547] 9pnet_fd: Insufficient options for proto=fd [ 283.637868][T11555] gtp2: entered promiscuous mode [ 283.639729][T11555] gtp2: entered allmulticast mode [ 283.695471][ T9018] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 283.865543][ T9018] usb 6-1: Using ep0 maxpacket: 8 [ 283.869240][ T9018] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 283.872921][ T9018] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 283.877425][ T9018] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 283.885577][ T9018] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 283.893703][ T9018] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 283.897052][ T9018] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 284.005297][T11558] netlink: 1608 bytes leftover after parsing attributes in process `syz.3.1831'. [ 284.017049][T11558] netlink: zone id is out of range [ 284.019050][T11558] netlink: zone id is out of range [ 284.020985][T11558] netlink: zone id is out of range [ 284.023991][T11558] netlink: del zone limit has 4 unknown bytes [ 284.060035][T11558] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1831'. [ 284.081793][T11561] gtp2: entered promiscuous mode [ 284.083171][T11561] gtp2: entered allmulticast mode [ 284.107937][ T9018] usb 6-1: GET_CAPABILITIES returned 0 [ 284.110080][ T9018] usbtmc 6-1:16.0: can't read capabilities [ 284.309814][ T9018] usb 6-1: USB disconnect, device number 24 [ 284.570790][T11570] gtp3: entered promiscuous mode [ 284.572217][T11570] gtp3: entered allmulticast mode [ 285.827068][T11592] fuse: Bad value for 'rootmode' [ 285.878642][T11594] xt_CONNSECMARK: invalid mode: 0 [ 286.550273][T11615] fuse: Bad value for 'rootmode' [ 287.250611][T11628] xt_CONNSECMARK: invalid mode: 0 [ 287.290782][T11632] fuse: Unknown parameter 'use00000000000000000000' [ 287.717656][T11642] netlink: 1608 bytes leftover after parsing attributes in process `syz.3.1864'. [ 287.720699][T11642] netlink: zone id is out of range [ 287.722155][T11642] netlink: zone id is out of range [ 287.723563][T11642] netlink: zone id is out of range [ 287.725748][T11642] netlink: del zone limit has 4 unknown bytes [ 287.849087][T11648] fuse: Unknown parameter 'use00000000000000000000' [ 288.026570][T11654] fuse: Unknown parameter 'use00000000000000000000' [ 289.187560][T11662] gtp3: entered promiscuous mode [ 289.189059][T11662] gtp3: entered allmulticast mode [ 290.180656][T11683] fuse: Bad value for 'rootmode' [ 290.604349][T11685] 9pnet_fd: Insufficient options for proto=fd [ 290.763700][T11691] netlink: 1608 bytes leftover after parsing attributes in process `syz.1.1870'. [ 290.767552][T11691] netlink: zone id is out of range [ 290.769078][T11691] netlink: zone id is out of range [ 290.770582][T11691] netlink: zone id is out of range [ 290.772613][T11691] netlink: del zone limit has 4 unknown bytes [ 290.863576][T11693] fuse: Unknown parameter 'user_i00000000000000000000' [ 290.913723][T11684] gtp4: entered promiscuous mode [ 290.916011][T11684] gtp4: entered allmulticast mode [ 291.053840][T11700] fuse: Unknown parameter 'use00000000000000000000' [ 291.665670][T11723] xt_CONNSECMARK: invalid mode: 0 [ 292.288324][T11739] fuse: Unknown parameter 'user_id00000000000000000000' [ 292.294790][T11740] fuse: Unknown parameter 'user_i00000000000000000000' [ 292.728560][T11749] fuse: Unknown parameter 'user_i00000000000000000000' [ 292.893616][T11751] fuse: Unknown parameter 'user_id00000000000000000000' [ 293.362490][T11755] fuse: Unknown parameter 'use00000000000000000000' [ 293.647934][T11764] fuse: Bad value for 'fd' [ 293.723020][T11767] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 293.799258][T11766] fuse: Unknown parameter 'user_i00000000000000000000' [ 294.665561][ T31] usb 7-1: new high-speed USB device number 29 using dummy_hcd [ 294.825482][ T31] usb 7-1: Using ep0 maxpacket: 16 [ 294.828325][ T31] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 294.832457][ T31] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 294.834997][ T31] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 294.838809][ T31] usb 7-1: Product: syz [ 294.840048][ T31] usb 7-1: Manufacturer: syz [ 294.841442][ T31] usb 7-1: SerialNumber: syz [ 294.843723][ T31] usb 7-1: config 0 descriptor?? [ 294.847210][ T31] hub 7-1:0.0: bad descriptor, ignoring hub [ 294.848996][ T31] hub 7-1:0.0: probe with driver hub failed with error -5 [ 294.851905][ T31] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input33 [ 295.033153][T11789] fuse: Unknown parameter 'user_i00000000000000000000' [ 295.215771][ T31] usb 7-1: USB disconnect, device number 29 [ 295.654283][T11799] 9pnet_fd: Insufficient options for proto=fd [ 295.669757][T11803] fuse: Bad value for 'fd' [ 295.763610][T11805] fuse: Bad value for 'fd' [ 296.781377][T11815] 9pnet_fd: Insufficient options for proto=fd [ 296.885588][ T59] usb 6-1: new high-speed USB device number 25 using dummy_hcd [ 296.962340][T11824] gtp3: entered promiscuous mode [ 296.963874][T11824] gtp3: entered allmulticast mode [ 297.105560][ T59] usb 6-1: Using ep0 maxpacket: 8 [ 297.109433][ T59] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 297.112905][ T59] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 297.116513][ T59] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 297.119998][ T59] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 297.125701][ T59] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 297.129031][ T59] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 297.182542][T11826] gtp5: entered promiscuous mode [ 297.190366][T11826] gtp5: entered allmulticast mode [ 297.340555][ T59] usb 6-1: GET_CAPABILITIES returned 0 [ 297.342127][ T59] usbtmc 6-1:16.0: can't read capabilities [ 297.542303][ T59] usb 6-1: USB disconnect, device number 25 [ 297.708507][T11833] fuse: Unknown parameter 'user_id00000000000000000000' [ 298.236990][T11841] fuse: Unknown parameter 'user_i00000000000000000000' [ 300.278244][T11867] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 300.278244][T11867] program syz.2.1917 not setting count and/or reply_len properly [ 300.488872][T11868] 9pnet_fd: Insufficient options for proto=fd [ 301.005651][ T10] usb 7-1: new high-speed USB device number 30 using dummy_hcd [ 301.155497][ T10] usb 7-1: Using ep0 maxpacket: 8 [ 301.168301][ T10] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 301.171048][ T10] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 301.173689][ T10] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 301.176497][ T10] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 301.179979][ T10] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 301.182637][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 301.389157][ T10] usb 7-1: GET_CAPABILITIES returned 0 [ 301.390721][ T10] usbtmc 7-1:16.0: can't read capabilities [ 301.593845][ T59] usb 7-1: USB disconnect, device number 30 [ 302.078543][T11891] gtp6: entered promiscuous mode [ 302.080515][T11891] gtp6: entered allmulticast mode [ 302.967667][T11899] fuse: Unknown parameter 'user_id00000000000000000000' [ 303.808544][T11909] fuse: Unknown parameter '0x0000000000000006' [ 304.980811][T11926] fuse: Unknown parameter '0x0000000000000009' [ 304.994753][T11925] fuse: Unknown parameter '0x0000000000000006' [ 305.928327][T11942] 9pnet_fd: Insufficient options for proto=fd [ 306.315156][T11955] fuse: Unknown parameter '0x0000000000000009' [ 307.295337][T11968] fuse: Unknown parameter 'fd0x0000000000000009' [ 307.812461][T11982] gtp5: entered promiscuous mode [ 307.813888][T11982] gtp5: entered allmulticast mode [ 308.055450][ T10] usb 7-1: new high-speed USB device number 31 using dummy_hcd [ 308.205495][ T10] usb 7-1: Using ep0 maxpacket: 8 [ 308.208183][ T10] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 308.210844][ T10] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 308.213490][ T10] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 308.216551][ T10] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 308.220084][ T10] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 308.222570][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 308.412511][T11988] fuse: Unknown parameter '0x0000000000000006' [ 308.428238][ T10] usb 7-1: GET_CAPABILITIES returned 0 [ 308.429857][ T10] usbtmc 7-1:16.0: can't read capabilities [ 308.632550][ T10] usb 7-1: USB disconnect, device number 31 [ 310.048447][T12021] xt_CONNSECMARK: invalid mode: 0 [ 310.067483][T12023] fuse: Unknown parameter 'fd0x0000000000000006' [ 311.057491][T12038] gtp4: entered promiscuous mode [ 311.058891][T12038] gtp4: entered allmulticast mode [ 312.269518][T12065] xt_CONNSECMARK: invalid mode: 0 [ 312.384803][T12068] gtp5: entered promiscuous mode [ 312.388824][T12068] gtp5: entered allmulticast mode [ 315.164328][T12115] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 315.164328][T12115] program syz.2.1989 not setting count and/or reply_len properly [ 315.562979][T12116] 9pnet_fd: Insufficient options for proto=fd [ 316.539452][ T1414] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.571596][T12153] gtp7: entered promiscuous mode [ 317.573406][T12153] gtp7: entered allmulticast mode [ 318.117773][T12147] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 318.117773][T12147] program syz.1.1997 not setting count and/or reply_len properly [ 318.319932][T12154] 9pnet_fd: Insufficient options for proto=fd [ 319.313890][T12173] 9pnet_fd: Insufficient options for proto=fd [ 319.969252][T12184] gtp4: entered promiscuous mode [ 319.970746][T12184] gtp4: entered allmulticast mode [ 320.042831][T12183] gtp6: entered promiscuous mode [ 320.044665][T12183] gtp6: entered allmulticast mode [ 321.223610][T12194] fuse: Bad value for 'fd' [ 321.594753][T12209] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 321.594753][T12209] program syz.2.2011 not setting count and/or reply_len properly [ 321.805034][T12210] 9pnet_fd: Insufficient options for proto=fd [ 321.964210][T12216] 9pnet_fd: Insufficient options for proto=fd [ 323.955569][T12266] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2036'. [ 324.104286][T12273] input: syz1 as /devices/virtual/input/input34 [ 325.387298][T12304] virtio-fs: tag <(null)> not found [ 325.725880][ T1329] usb 6-1: new high-speed USB device number 26 using dummy_hcd [ 325.865855][ T1329] usb 6-1: device descriptor read/64, error -71 [ 326.115515][ T1329] usb 6-1: new high-speed USB device number 27 using dummy_hcd [ 326.265482][ T1329] usb 6-1: device descriptor read/64, error -71 [ 326.375619][ T1329] usb usb6-port1: attempt power cycle [ 326.490766][T12343] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2068'. [ 326.715520][ T1329] usb 6-1: new high-speed USB device number 28 using dummy_hcd [ 326.759119][ T1329] usb 6-1: device descriptor read/8, error -71 [ 326.849069][T12353] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2072'. [ 326.895645][ T26] usb 7-1: new high-speed USB device number 32 using dummy_hcd [ 327.005729][ T1329] usb 6-1: new high-speed USB device number 29 using dummy_hcd [ 327.035978][ T1329] usb 6-1: device descriptor read/8, error -71 [ 327.063321][ T26] usb 7-1: config 0 has an invalid interface number: 255 but max is 0 [ 327.066025][ T26] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 327.069928][ T26] usb 7-1: config 0 has no interface number 0 [ 327.073015][ T26] usb 7-1: config 0 interface 255 has no altsetting 0 [ 327.075314][ T26] usb 7-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53 [ 327.081217][ T26] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 327.085289][ T26] usb 7-1: config 0 descriptor?? [ 327.092400][ T26] usb 7-1: selecting invalid altsetting 0 [ 327.155671][ T1329] usb usb6-port1: unable to enumerate USB device [ 327.293152][T12347] warning: `syz.2.2070' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 327.338078][ T26] usb 7-1: USB disconnect, device number 32 [ 328.022349][T12386] mmap: syz.0.2082 (12386) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 328.478893][T12388] A link change request failed with some changes committed already. Interface xfrm0 may have been left with an inconsistent configuration, please check. [ 329.511824][T12413] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2 [ 332.155502][ T1329] usb 7-1: new full-speed USB device number 33 using dummy_hcd [ 332.308291][ T1329] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 332.311186][ T1329] usb 7-1: config 0 interface 0 has no altsetting 0 [ 332.314627][ T1329] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 332.318104][ T1329] usb 7-1: New USB device strings: Mfr=23, Product=2, SerialNumber=3 [ 332.322772][ T1329] usb 7-1: Product: syz [ 332.324971][ T1329] usb 7-1: Manufacturer: syz [ 332.328475][ T1329] usb 7-1: SerialNumber: syz [ 332.330631][ T1329] usb 7-1: config 0 descriptor?? [ 332.337956][ T1329] usb 7-1: selecting invalid altsetting 0 [ 332.548051][ T1329] usb 7-1: USB disconnect, device number 33 [ 332.771645][ T5957] Bluetooth: hci1: unexpected event for opcode 0x1804 [ 333.015621][ T26] usb 6-1: new high-speed USB device number 30 using dummy_hcd [ 333.176118][ T26] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 333.179133][ T26] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 333.181916][ T26] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 333.193391][ T26] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 333.196003][ T26] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 333.205853][ T26] usb 6-1: config 0 descriptor?? [ 333.616036][ T26] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x5 [ 333.618303][ T26] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 333.620447][ T26] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 333.635506][ T26] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 333.637816][ T26] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 333.639871][ T26] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 333.642498][ T26] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving [ 333.650635][ T26] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 333.880777][ T9371] usb 6-1: USB disconnect, device number 30 [ 334.419346][T12501] capability: warning: `syz.3.2126' uses 32-bit capabilities (legacy support in use) [ 334.514600][T12514] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2131'. [ 334.779176][ T5955] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 334.782621][ T5955] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 334.795700][ T5955] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 334.806624][ T5955] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 334.810503][ T5955] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 334.813655][ T5955] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 334.893859][T12523] chnl_net:caif_netlink_parms(): no params data found [ 334.990032][ T8701] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 335.013555][T12523] bridge0: port 1(bridge_slave_0) entered blocking state [ 335.016302][T12523] bridge0: port 1(bridge_slave_0) entered disabled state [ 335.018924][T12523] bridge_slave_0: entered allmulticast mode [ 335.021907][T12523] bridge_slave_0: entered promiscuous mode [ 335.025884][T12523] bridge0: port 2(bridge_slave_1) entered blocking state [ 335.028444][T12523] bridge0: port 2(bridge_slave_1) entered disabled state [ 335.031039][T12523] bridge_slave_1: entered allmulticast mode [ 335.033974][T12523] bridge_slave_1: entered promiscuous mode [ 335.072345][T12523] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 335.092082][ T8701] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 335.098520][T12523] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 335.138704][T12523] team0: Port device team_slave_0 added [ 335.143710][T12523] team0: Port device team_slave_1 added [ 335.169188][T12523] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 335.171886][T12523] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 335.183556][T12523] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 335.199013][ T8701] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 335.207035][T12523] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 335.209539][T12523] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 335.218074][T12523] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 335.246176][T12523] hsr_slave_0: entered promiscuous mode [ 335.248061][T12523] hsr_slave_1: entered promiscuous mode [ 335.249829][T12523] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 335.251958][T12523] Cannot create hsr debugfs directory [ 335.289018][ T8701] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 335.571125][ T8701] bridge_slave_1: left allmulticast mode [ 335.574035][ T8701] bridge_slave_1: left promiscuous mode [ 335.597512][ T8701] bridge0: port 2(bridge_slave_1) entered disabled state [ 335.626052][ T8701] bridge_slave_0: left allmulticast mode [ 335.628065][ T8701] bridge_slave_0: left promiscuous mode [ 335.630179][ T8701] bridge0: port 1(bridge_slave_0) entered disabled state [ 336.052789][ T8701] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 336.056704][ T8701] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 336.059767][ T8701] bond0 (unregistering): Released all slaves [ 336.133351][ T8701] tipc: Disabling bearer [ 336.140370][ T8701] tipc: Left network mode [ 336.328695][T12523] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 336.331940][T12523] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 336.334958][T12523] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 336.340260][T12523] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 336.383340][T12523] 8021q: adding VLAN 0 to HW filter on device bond0 [ 336.393946][ T8701] macvlan0: left promiscuous mode [ 336.405780][ T8701] batadv_slave_1: left promiscuous mode [ 336.412847][ T8701] hsr_slave_0: left promiscuous mode [ 336.415250][ T8701] hsr_slave_1: left promiscuous mode [ 336.417316][ T8701] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 336.419455][ T8701] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 336.422284][ T8701] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 336.424317][ T8701] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 336.438869][ T8701] veth1_macvtap: left allmulticast mode [ 336.440491][ T8701] veth1_macvtap: left promiscuous mode [ 336.442201][ T8701] veth0_macvtap: left promiscuous mode [ 336.444403][ T8701] veth1_vlan: left promiscuous mode [ 336.446937][ T8701] veth0_vlan: left promiscuous mode [ 336.845500][ T5957] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 336.848952][ T5955] Bluetooth: hci2: command tx timeout [ 336.850101][ T5957] Bluetooth: hci1: Injecting HCI hardware error event [ 336.859734][ T5955] Bluetooth: hci1: hardware error 0x00 [ 337.585923][T12568] batadv_slave_1: entered promiscuous mode [ 337.589327][T12567] batadv_slave_1: left promiscuous mode [ 337.592801][T12523] 8021q: adding VLAN 0 to HW filter on device team0 [ 337.597480][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 337.599474][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 337.606520][ T8688] bridge0: port 2(bridge_slave_1) entered blocking state [ 337.609164][ T8688] bridge0: port 2(bridge_slave_1) entered forwarding state [ 337.657668][T12585] trusted_key: syz.1.2155 sent an empty control message without MSG_MORE. [ 337.701258][T12523] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 337.721463][T12523] veth0_vlan: entered promiscuous mode [ 337.730357][T12523] veth1_vlan: entered promiscuous mode [ 337.748141][T12523] veth0_macvtap: entered promiscuous mode [ 337.751080][T12523] veth1_macvtap: entered promiscuous mode [ 337.756978][T12523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 337.759865][T12523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.762521][T12523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 337.765584][T12523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.768212][T12523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 337.771051][T12523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.774220][T12523] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 337.779110][T12523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 337.781929][T12523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.784534][T12523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 337.787501][T12523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.790208][T12523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 337.793042][T12523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.797012][T12523] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 337.801042][T12523] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.803551][T12523] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.806231][T12523] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.808658][T12523] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.844622][ T8811] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 337.848234][ T8811] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 337.857119][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 337.859300][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 337.902919][ T40] kauditd_printk_skb: 8 callbacks suppressed [ 337.902929][ T40] audit: type=1326 audit(1742885165.822:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12595 comm="syz.0.2133" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 337.903678][ T40] audit: type=1326 audit(1742885165.822:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12595 comm="syz.0.2133" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 337.903781][ T40] audit: type=1326 audit(1742885165.822:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12595 comm="syz.0.2133" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 337.903801][ T40] audit: type=1326 audit(1742885165.822:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12595 comm="syz.0.2133" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 337.903859][ T40] audit: type=1326 audit(1742885165.822:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12595 comm="syz.0.2133" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 337.904049][ T40] audit: type=1326 audit(1742885165.822:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12595 comm="syz.0.2133" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 337.904235][ T40] audit: type=1326 audit(1742885165.822:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12595 comm="syz.0.2133" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf741e598 code=0x7ffc0000 [ 337.952731][ T1329] usb 7-1: new high-speed USB device number 34 using dummy_hcd [ 337.955339][ T40] audit: type=1326 audit(1742885165.822:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12595 comm="syz.0.2133" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf741e598 code=0x7ffc0000 [ 337.955364][ T40] audit: type=1326 audit(1742885165.822:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12595 comm="syz.0.2133" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf741e598 code=0x7ffc0000 [ 337.955442][ T40] audit: type=1326 audit(1742885165.822:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12595 comm="syz.0.2133" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf741e598 code=0x7ffc0000 [ 338.001240][ T65] hid-generic 0000:0003:0000.0003: unknown main item tag 0x0 [ 338.003425][ T65] hid-generic 0000:0003:0000.0003: unknown main item tag 0x0 [ 338.008563][ T65] hid-generic 0000:0003:0000.0003: hidraw1: HID v0.00 Device [syz1] on syz0 [ 338.125937][ T1329] usb 7-1: Using ep0 maxpacket: 16 [ 338.140350][ T1329] usb 7-1: unable to get BOS descriptor or descriptor too short [ 338.143072][ T1329] usb 7-1: unable to read config index 0 descriptor/start: -71 [ 338.145192][ T1329] usb 7-1: can't read configurations, error -71 [ 338.514759][T12616] 9pnet_fd: Insufficient options for proto=fd [ 338.935537][ T5955] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 338.935592][ T5957] Bluetooth: hci2: command tx timeout [ 339.295479][ T65] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 339.445500][ T65] usb 5-1: Using ep0 maxpacket: 32 [ 339.448649][ T65] usb 5-1: config 0 has an invalid interface number: 184 but max is 0 [ 339.451702][ T65] usb 5-1: config 0 has no interface number 0 [ 339.454061][ T65] usb 5-1: config 0 interface 184 has no altsetting 0 [ 339.459002][ T65] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 339.462484][ T65] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 339.465808][ T65] usb 5-1: Product: syz [ 339.467427][ T65] usb 5-1: Manufacturer: syz [ 339.469219][ T65] usb 5-1: SerialNumber: syz [ 339.472270][ T65] usb 5-1: config 0 descriptor?? [ 339.476143][ T65] smsc75xx v1.0.0 [ 340.516546][ T65] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): EEPROM read operation timeout [ 340.720411][ T65] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 340.723588][ T65] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71 [ 340.727406][ T65] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset [ 340.730391][ T65] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 340.733269][ T65] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -71 [ 340.738423][ T65] usb 5-1: USB disconnect, device number 18 [ 341.005570][ T5957] Bluetooth: hci2: command tx timeout [ 341.334844][T12671] BUG: Bad page state in process syz.3.2183 pfn:4bf62 [ 341.336854][T12671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x4bf62 [ 341.340898][T12671] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 341.342911][T12671] raw: 04fff00000000000 dead000000000040 ffff88801f1b5000 0000000000000000 [ 341.345248][T12671] raw: ffff888000000000 3fffffffffffffff 00000000ffffffff 0000000000000000 [ 341.347666][T12671] page dumped because: page_pool leak [ 341.349172][T12671] page_owner tracks the page as allocated [ 341.350867][T12671] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12671, tgid 12670 (syz.3.2183), ts 341334725138, free_ts 340755729067 [ 341.355466][T12671] post_alloc_hook+0x181/0x1b0 [ 341.356812][T12671] get_page_from_freelist+0xfce/0x2f80 [ 341.358483][T12671] __alloc_frozen_pages_noprof+0x221/0x2470 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 341.360235][T12671] alloc_pages_bulk_noprof+0x6f9/0x1390 [ 341.361870][T12671] __page_pool_alloc_pages_slow+0x18c/0x770 [ 341.363542][T12671] page_pool_alloc_netmems+0xc4/0x160 [ 341.365053][T12671] page_pool_alloc_frag_netmem+0x220/0x760 [ 341.366749][T12671] skb_pp_cow_data+0x571/0xf10 [ 341.368138][T12671] skb_cow_data_for_xdp+0x88/0xb0 [ 341.369544][T12671] do_xdp_generic+0x3f1/0xe70 [ 341.370951][T12671] tun_get_user+0x1e04/0x3e50 [ 341.372273][T12671] tun_chr_write_iter+0xdc/0x210 [ 341.373709][T12671] vfs_write+0x5ae/0x1150 [ 341.374904][T12671] ksys_write+0x12b/0x250 [ 341.376195][T12671] __do_fast_syscall_32+0x73/0x120 [ 341.377616][T12671] do_fast_syscall_32+0x32/0x80 [ 341.378983][T12671] page last free pid 0 tgid 0 stack trace: [ 341.380585][T12671] free_frozen_pages+0x6db/0xfb0 [ 341.381971][T12671] tlb_remove_table_rcu+0x116/0x1a0 [ 341.383399][T12671] rcu_core+0x79d/0x14d0 [ 341.384568][T12671] handle_softirqs+0x213/0x8f0 [ 341.385986][T12671] __irq_exit_rcu+0x109/0x170 [ 341.387285][T12671] irq_exit_rcu+0x9/0x30 [ 341.388495][T12671] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 341.390053][T12671] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 341.391705][T12671] Modules linked in: [ 341.392807][T12671] CPU: 0 UID: 0 PID: 12671 Comm: syz.3.2183 Not tainted 6.14.0-syzkaller-00624-g2f2d52945852 #0 [ 341.392819][T12671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 341.392825][T12671] Call Trace: [ 341.392829][T12671] [ 341.392842][T12671] dump_stack_lvl+0x16c/0x1f0 [ 341.392859][T12671] bad_page+0xb3/0x1f0 [ 341.392869][T12671] ? __pfx_bad_page+0x10/0x10 [ 341.392880][T12671] ? page_bad_reason+0x9d/0x1e0 [ 341.392892][T12671] free_frozen_pages+0x701/0xfb0 [ 341.392908][T12671] page_frag_free+0x255/0x2a0 [ 341.392919][T12671] __xdp_return+0x363/0xac0 [ 341.392933][T12671] ? kmem_cache_free+0x2e2/0x4d0 [ 341.392951][T12671] bpf_xdp_adjust_tail+0x9de/0xf70 [ 341.392972][T12671] bpf_prog_f476d5219b92964a+0x1e/0x20 [ 341.392981][T12671] bpf_prog_run_generic_xdp+0xe33/0x1500 [ 341.393000][T12671] do_xdp_generic+0x70a/0xe70 [ 341.393013][T12671] ? __pfx_do_xdp_generic+0x10/0x10 [ 341.393031][T12671] ? tun_get_user+0x1d55/0x3e50 [ 341.393048][T12671] tun_get_user+0x1e04/0x3e50 [ 341.393066][T12671] ? __pfx___futex_wait+0x10/0x10 [ 341.393081][T12671] ? __pfx_tun_get_user+0x10/0x10 [ 341.393095][T12671] ? find_held_lock+0x2d/0x110 [ 341.393120][T12671] ? __pfx_lock_release+0x10/0x10 [ 341.393142][T12671] tun_chr_write_iter+0xdc/0x210 [ 341.393157][T12671] vfs_write+0x5ae/0x1150 [ 341.393171][T12671] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 341.393187][T12671] ? __pfx_lock_release+0x10/0x10 [ 341.393202][T12671] ? __pfx_vfs_write+0x10/0x10 [ 341.393216][T12671] ? lock_acquire+0x2f/0xb0 [ 341.393229][T12671] ? __fget_files+0x40/0x3b0 [ 341.393249][T12671] ksys_write+0x12b/0x250 [ 341.393262][T12671] ? __pfx_ksys_write+0x10/0x10 [ 341.393279][T12671] __do_fast_syscall_32+0x73/0x120 [ 341.393293][T12671] do_fast_syscall_32+0x32/0x80 [ 341.393307][T12671] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 341.393323][T12671] RIP: 0023:0xf744e579 [ 341.393331][T12671] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 341.393341][T12671] RSP: 002b:00000000f50d6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 341.393351][T12671] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000a80 [ 341.393357][T12671] RDX: 000000000000fdef RSI: 00000000f743cff4 RDI: 0000000000000000 [ 341.393362][T12671] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 341.393368][T12671] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 341.393373][T12671] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 341.393385][T12671] [ 341.393422][T12671] Disabling lock debugging due to kernel taint [ 341.465916][T12671] BUG: Bad page state in process syz.3.2183 pfn:4b8ab [ 341.467982][T12671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4b8ab [ 341.470525][T12671] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 341.472530][T12671] raw: 04fff00000000000 dead000000000040 ffff88801f1b5000 0000000000000000 [ 341.474958][T12671] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000 [ 341.477403][T12671] page dumped because: page_pool leak [ 341.478902][T12671] page_owner tracks the page as allocated [ 341.480469][T12671] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12671, tgid 12670 (syz.3.2183), ts 341334720242, free_ts 340755765495 [ 341.485206][T12671] post_alloc_hook+0x181/0x1b0 [ 341.486718][T12671] get_page_from_freelist+0xfce/0x2f80 [ 341.488260][T12671] __alloc_frozen_pages_noprof+0x221/0x2470 [ 341.490054][T12671] alloc_pages_bulk_noprof+0x6f9/0x1390 [ 341.491694][T12671] __page_pool_alloc_pages_slow+0x18c/0x770 [ 341.493350][T12671] page_pool_alloc_netmems+0xc4/0x160 [ 341.494844][T12671] skb_pp_cow_data+0x776/0xf10 [ 341.496305][T12671] skb_cow_data_for_xdp+0x88/0xb0 [ 341.497744][T12671] do_xdp_generic+0x3f1/0xe70 [ 341.499092][T12671] tun_get_user+0x1e04/0x3e50 [ 341.500413][T12671] tun_chr_write_iter+0xdc/0x210 [ 341.501831][T12671] vfs_write+0x5ae/0x1150 [ 341.503049][T12671] ksys_write+0x12b/0x250 [ 341.504273][T12671] __do_fast_syscall_32+0x73/0x120 [ 341.505796][T12671] do_fast_syscall_32+0x32/0x80 [ 341.507284][T12671] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 341.509057][T12671] page last free pid 0 tgid 0 stack trace: [ 341.510686][T12671] free_frozen_pages+0x6db/0xfb0 [ 341.512078][T12671] tlb_remove_table_rcu+0x116/0x1a0 [ 341.513528][T12671] rcu_core+0x79d/0x14d0 [ 341.514729][T12671] handle_softirqs+0x213/0x8f0 [ 341.516104][T12671] __irq_exit_rcu+0x109/0x170 [ 341.517435][T12671] irq_exit_rcu+0x9/0x30 [ 341.518657][T12671] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 341.520221][T12671] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 341.521938][T12671] Modules linked in: [ 341.523048][T12671] CPU: 0 UID: 0 PID: 12671 Comm: syz.3.2183 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0 [ 341.523064][T12671] Tainted: [B]=BAD_PAGE [ 341.523068][T12671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 341.523083][T12671] Call Trace: [ 341.523088][T12671] [ 341.523093][T12671] dump_stack_lvl+0x16c/0x1f0 [ 341.523108][T12671] bad_page+0xb3/0x1f0 [ 341.523119][T12671] ? __pfx_bad_page+0x10/0x10 [ 341.523129][T12671] ? page_bad_reason+0x9d/0x1e0 [ 341.523139][T12671] free_frozen_pages+0x701/0xfb0 [ 341.523154][T12671] page_frag_free+0x255/0x2a0 [ 341.523165][T12671] __xdp_return+0x363/0xac0 [ 341.523180][T12671] ? kmem_cache_free+0x2e2/0x4d0 [ 341.523195][T12671] bpf_xdp_adjust_tail+0x9de/0xf70 [ 341.523212][T12671] bpf_prog_f476d5219b92964a+0x1e/0x20 [ 341.523220][T12671] bpf_prog_run_generic_xdp+0xe33/0x1500 [ 341.523234][T12671] do_xdp_generic+0x70a/0xe70 [ 341.523245][T12671] ? __pfx_do_xdp_generic+0x10/0x10 [ 341.523258][T12671] ? tun_get_user+0x1d55/0x3e50 [ 341.523274][T12671] tun_get_user+0x1e04/0x3e50 [ 341.523289][T12671] ? __pfx___futex_wait+0x10/0x10 [ 341.523303][T12671] ? __pfx_tun_get_user+0x10/0x10 [ 341.523316][T12671] ? find_held_lock+0x2d/0x110 [ 341.523328][T12671] ? __pfx_lock_release+0x10/0x10 [ 341.523343][T12671] tun_chr_write_iter+0xdc/0x210 [ 341.523357][T12671] vfs_write+0x5ae/0x1150 [ 341.523370][T12671] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 341.523384][T12671] ? __pfx_lock_release+0x10/0x10 [ 341.523397][T12671] ? __pfx_vfs_write+0x10/0x10 [ 341.523410][T12671] ? lock_acquire+0x2f/0xb0 [ 341.523424][T12671] ? __fget_files+0x40/0x3b0 [ 341.523440][T12671] ksys_write+0x12b/0x250 [ 341.523452][T12671] ? __pfx_ksys_write+0x10/0x10 [ 341.523466][T12671] __do_fast_syscall_32+0x73/0x120 [ 341.523480][T12671] do_fast_syscall_32+0x32/0x80 [ 341.523493][T12671] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 341.523508][T12671] RIP: 0023:0xf744e579 [ 341.523516][T12671] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 341.523525][T12671] RSP: 002b:00000000f50d6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 341.523535][T12671] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000a80 [ 341.523541][T12671] RDX: 000000000000fdef RSI: 00000000f743cff4 RDI: 0000000000000000 [ 341.523547][T12671] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 341.523552][T12671] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 341.523558][T12671] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 341.523568][T12671] [ 341.523606][T12671] BUG: Bad page state in process syz.3.2183 pfn:49a99 [ 341.597569][T12671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x49a99 [ 341.599951][T12671] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 341.601959][T12671] raw: 04fff00000000000 dead000000000040 ffff88801f1b5000 0000000000000000 [ 341.604280][T12671] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000 [ 341.606684][T12671] page dumped because: page_pool leak [ 341.608162][T12671] page_owner tracks the page as allocated [ 341.609715][T12671] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12671, tgid 12670 (syz.3.2183), ts 341334716122, free_ts 340755775006 [ 341.614301][T12671] post_alloc_hook+0x181/0x1b0 [ 341.615702][T12671] get_page_from_freelist+0xfce/0x2f80 [ 341.617227][T12671] __alloc_frozen_pages_noprof+0x221/0x2470 [ 341.618880][T12671] alloc_pages_bulk_noprof+0x6f9/0x1390 [ 341.620408][T12671] __page_pool_alloc_pages_slow+0x18c/0x770 [ 341.622107][T12671] page_pool_alloc_netmems+0xc4/0x160 [ 341.623600][T12671] skb_pp_cow_data+0x776/0xf10 [ 341.624940][T12671] skb_cow_data_for_xdp+0x88/0xb0 [ 341.626422][T12671] do_xdp_generic+0x3f1/0xe70 [ 341.627760][T12671] tun_get_user+0x1e04/0x3e50 [ 341.629101][T12671] tun_chr_write_iter+0xdc/0x210 [ 341.630487][T12671] vfs_write+0x5ae/0x1150 [ 341.631708][T12671] ksys_write+0x12b/0x250 [ 341.632937][T12671] __do_fast_syscall_32+0x73/0x120 [ 341.634395][T12671] do_fast_syscall_32+0x32/0x80 [ 341.635857][T12671] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 341.637642][T12671] page last free pid 0 tgid 0 stack trace: [ 341.639283][T12671] free_frozen_pages+0x6db/0xfb0 [ 341.640695][T12671] tlb_remove_table_rcu+0x116/0x1a0 [ 341.642156][T12671] rcu_core+0x79d/0x14d0 [ 341.643342][T12671] handle_softirqs+0x213/0x8f0 [ 341.644671][T12671] __irq_exit_rcu+0x109/0x170 [ 341.646083][T12671] irq_exit_rcu+0x9/0x30 [ 341.647304][T12671] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 341.648875][T12671] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 341.650553][T12671] Modules linked in: [ 341.651667][T12671] CPU: 0 UID: 0 PID: 12671 Comm: syz.3.2183 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0 [ 341.651682][T12671] Tainted: [B]=BAD_PAGE [ 341.651685][T12671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 341.651701][T12671] Call Trace: [ 341.651705][T12671] [ 341.651709][T12671] dump_stack_lvl+0x16c/0x1f0 [ 341.651723][T12671] bad_page+0xb3/0x1f0 [ 341.651733][T12671] ? __pfx_bad_page+0x10/0x10 [ 341.651743][T12671] ? page_bad_reason+0x9d/0x1e0 [ 341.651752][T12671] free_frozen_pages+0x701/0xfb0 [ 341.651767][T12671] page_frag_free+0x255/0x2a0 [ 341.651776][T12671] __xdp_return+0x363/0xac0 [ 341.651790][T12671] ? kmem_cache_free+0x2e2/0x4d0 [ 341.651804][T12671] bpf_xdp_adjust_tail+0x9de/0xf70 [ 341.651822][T12671] bpf_prog_f476d5219b92964a+0x1e/0x20 [ 341.651829][T12671] bpf_prog_run_generic_xdp+0xe33/0x1500 [ 341.651844][T12671] do_xdp_generic+0x70a/0xe70 [ 341.651859][T12671] ? __pfx_do_xdp_generic+0x10/0x10 [ 341.651872][T12671] ? tun_get_user+0x1d55/0x3e50 [ 341.651888][T12671] tun_get_user+0x1e04/0x3e50 [ 341.651903][T12671] ? __pfx___futex_wait+0x10/0x10 [ 341.651917][T12671] ? __pfx_tun_get_user+0x10/0x10 [ 341.651931][T12671] ? find_held_lock+0x2d/0x110 [ 341.651942][T12671] ? __pfx_lock_release+0x10/0x10 [ 341.651958][T12671] tun_chr_write_iter+0xdc/0x210 [ 341.651973][T12671] vfs_write+0x5ae/0x1150 [ 341.651986][T12671] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 341.652001][T12671] ? __pfx_lock_release+0x10/0x10 [ 341.652013][T12671] ? __pfx_vfs_write+0x10/0x10 [ 341.652026][T12671] ? lock_acquire+0x2f/0xb0 [ 341.652038][T12671] ? __fget_files+0x40/0x3b0 [ 341.652054][T12671] ksys_write+0x12b/0x250 [ 341.652067][T12671] ? __pfx_ksys_write+0x10/0x10 [ 341.652081][T12671] __do_fast_syscall_32+0x73/0x120 [ 341.652095][T12671] do_fast_syscall_32+0x32/0x80 [ 341.652108][T12671] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 341.652123][T12671] RIP: 0023:0xf744e579 [ 341.652130][T12671] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 341.652140][T12671] RSP: 002b:00000000f50d6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 341.652150][T12671] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000a80 [ 341.652156][T12671] RDX: 000000000000fdef RSI: 00000000f743cff4 RDI: 0000000000000000 [ 341.652162][T12671] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 341.652167][T12671] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 341.652173][T12671] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 341.652181][T12671] [ 341.652213][T12671] BUG: Bad page state in process syz.3.2183 pfn:4c256 [ 341.726809][T12671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4c256 [ 341.729247][T12671] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 341.731297][T12671] raw: 04fff00000000000 dead000000000040 ffff88801f1b5000 0000000000000000 [ 341.733711][T12671] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000 [ 341.736112][T12671] page dumped because: page_pool leak [ 341.737650][T12671] page_owner tracks the page as allocated [ 341.739291][T12671] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12671, tgid 12670 (syz.3.2183), ts 341334711754, free_ts 340755784700 [ 341.744028][T12671] post_alloc_hook+0x181/0x1b0 [ 341.745517][T12671] get_page_from_freelist+0xfce/0x2f80 [ 341.747077][T12671] __alloc_frozen_pages_noprof+0x221/0x2470 [ 341.748826][T12671] alloc_pages_bulk_noprof+0x6f9/0x1390 [ 341.750424][T12671] __page_pool_alloc_pages_slow+0x18c/0x770 [ 341.752106][T12671] page_pool_alloc_netmems+0xc4/0x160 [ 341.753650][T12671] skb_pp_cow_data+0x776/0xf10 [ 341.755030][T12671] skb_cow_data_for_xdp+0x88/0xb0 [ 341.756539][T12671] do_xdp_generic+0x3f1/0xe70 [ 341.757900][T12671] tun_get_user+0x1e04/0x3e50 [ 341.759267][T12671] tun_chr_write_iter+0xdc/0x210 [ 341.760694][T12671] vfs_write+0x5ae/0x1150 [ 341.761968][T12671] ksys_write+0x12b/0x250 [ 341.763213][T12671] __do_fast_syscall_32+0x73/0x120 [ 341.764673][T12671] do_fast_syscall_32+0x32/0x80 [ 341.766164][T12671] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 341.767981][T12671] page last free pid 0 tgid 0 stack trace: [ 341.769652][T12671] free_frozen_pages+0x6db/0xfb0 [ 341.771062][T12671] tlb_remove_table_rcu+0x116/0x1a0 [ 341.772538][T12671] rcu_core+0x79d/0x14d0 [ 341.773767][T12671] handle_softirqs+0x213/0x8f0 [ 341.775143][T12671] __irq_exit_rcu+0x109/0x170 [ 341.776572][T12671] irq_exit_rcu+0x9/0x30 [ 341.777842][T12671] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 341.779497][T12671] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 341.781246][T12671] Modules linked in: [ 341.782399][T12671] CPU: 0 UID: 0 PID: 12671 Comm: syz.3.2183 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0 [ 341.782414][T12671] Tainted: [B]=BAD_PAGE [ 341.782425][T12671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 341.782432][T12671] Call Trace: [ 341.782437][T12671] [ 341.782441][T12671] dump_stack_lvl+0x16c/0x1f0 [ 341.782456][T12671] bad_page+0xb3/0x1f0 [ 341.782465][T12671] ? __pfx_bad_page+0x10/0x10 [ 341.782475][T12671] ? page_bad_reason+0x9d/0x1e0 [ 341.782484][T12671] free_frozen_pages+0x701/0xfb0 [ 341.782499][T12671] page_frag_free+0x255/0x2a0 [ 341.782508][T12671] __xdp_return+0x363/0xac0 [ 341.782523][T12671] ? kmem_cache_free+0x2e2/0x4d0 [ 341.782536][T12671] bpf_xdp_adjust_tail+0x9de/0xf70 [ 341.782554][T12671] bpf_prog_f476d5219b92964a+0x1e/0x20 [ 341.782562][T12671] bpf_prog_run_generic_xdp+0xe33/0x1500 [ 341.782576][T12671] do_xdp_generic+0x70a/0xe70 [ 341.782587][T12671] ? __pfx_do_xdp_generic+0x10/0x10 [ 341.782601][T12671] ? tun_get_user+0x1d55/0x3e50 [ 341.782617][T12671] tun_get_user+0x1e04/0x3e50 [ 341.782631][T12671] ? __pfx___futex_wait+0x10/0x10 [ 341.782647][T12671] ? __pfx_tun_get_user+0x10/0x10 [ 341.782660][T12671] ? find_held_lock+0x2d/0x110 [ 341.782671][T12671] ? __pfx_lock_release+0x10/0x10 [ 341.782688][T12671] tun_chr_write_iter+0xdc/0x210 [ 341.782702][T12671] vfs_write+0x5ae/0x1150 [ 341.782715][T12671] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 341.782729][T12671] ? __pfx_lock_release+0x10/0x10 [ 341.782741][T12671] ? __pfx_vfs_write+0x10/0x10 [ 341.782754][T12671] ? lock_acquire+0x2f/0xb0 [ 341.782766][T12671] ? __fget_files+0x40/0x3b0 [ 341.782782][T12671] ksys_write+0x12b/0x250 [ 341.782794][T12671] ? __pfx_ksys_write+0x10/0x10 [ 341.782809][T12671] __do_fast_syscall_32+0x73/0x120 [ 341.782823][T12671] do_fast_syscall_32+0x32/0x80 [ 341.782836][T12671] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 341.782856][T12671] RIP: 0023:0xf744e579 [ 341.782863][T12671] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 341.782873][T12671] RSP: 002b:00000000f50d6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 341.782883][T12671] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000a80 [ 341.782889][T12671] RDX: 000000000000fdef RSI: 00000000f743cff4 RDI: 0000000000000000 [ 341.782895][T12671] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 341.782901][T12671] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 341.782906][T12671] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 341.782914][T12671] [ 341.782946][T12671] BUG: Bad page state in process syz.3.2183 pfn:4f0ba [ 341.857393][T12671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x4f0ba [ 341.860136][T12671] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 341.862123][T12671] raw: 04fff00000000000 dead000000000040 ffff88801f1b5000 0000000000000000 [ 341.864448][T12671] raw: ffff888000000000 0000000000000001 00000000ffffffff 0000000000000000 [ 341.866825][T12671] page dumped because: page_pool leak [ 341.868344][T12671] page_owner tracks the page as allocated [ 341.869918][T12671] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12671, tgid 12670 (syz.3.2183), ts 341334681971, free_ts 340755794141 [ 341.874487][T12671] post_alloc_hook+0x181/0x1b0 [ 341.875884][T12671] get_page_from_freelist+0xfce/0x2f80 [ 341.877422][T12671] __alloc_frozen_pages_noprof+0x221/0x2470 [ 341.879095][T12671] alloc_pages_bulk_noprof+0x6f9/0x1390 [ 341.880623][T12671] __page_pool_alloc_pages_slow+0x18c/0x770 [ 341.882292][T12671] page_pool_alloc_netmems+0xc4/0x160 [ 341.883801][T12671] skb_pp_cow_data+0x776/0xf10 [ 341.885262][T12671] skb_cow_data_for_xdp+0x88/0xb0 [ 341.886815][T12671] do_xdp_generic+0x3f1/0xe70 [ 341.888206][T12671] tun_get_user+0x1e04/0x3e50 [ 341.889577][T12671] tun_chr_write_iter+0xdc/0x210 [ 341.890988][T12671] vfs_write+0x5ae/0x1150 [ 341.892205][T12671] ksys_write+0x12b/0x250 [ 341.893429][T12671] __do_fast_syscall_32+0x73/0x120 [ 341.894876][T12671] do_fast_syscall_32+0x32/0x80 [ 341.896291][T12671] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 341.898104][T12671] page last free pid 0 tgid 0 stack trace: [ 341.899760][T12671] free_frozen_pages+0x6db/0xfb0 [ 341.901177][T12671] tlb_remove_table_rcu+0x116/0x1a0 [ 341.902663][T12671] rcu_core+0x79d/0x14d0 [ 341.903875][T12671] handle_softirqs+0x213/0x8f0 [ 341.905215][T12671] __irq_exit_rcu+0x109/0x170 [ 341.906580][T12671] irq_exit_rcu+0x9/0x30 [ 341.907783][T12671] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 341.909399][T12671] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 341.911072][T12671] Modules linked in: [ 341.912182][T12671] CPU: 0 UID: 0 PID: 12671 Comm: syz.3.2183 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0 [ 341.912201][T12671] Tainted: [B]=BAD_PAGE [ 341.912204][T12671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 341.912210][T12671] Call Trace: [ 341.912215][T12671] [ 341.912219][T12671] dump_stack_lvl+0x16c/0x1f0 [ 341.912244][T12671] bad_page+0xb3/0x1f0 [ 341.912255][T12671] ? __pfx_bad_page+0x10/0x10 [ 341.912264][T12671] ? page_bad_reason+0x9d/0x1e0 [ 341.912274][T12671] free_frozen_pages+0x701/0xfb0 [ 341.912288][T12671] page_frag_free+0x255/0x2a0 [ 341.912297][T12671] __xdp_return+0x363/0xac0 [ 341.912312][T12671] ? kmem_cache_free+0x2e2/0x4d0 [ 341.912326][T12671] bpf_xdp_adjust_tail+0x9de/0xf70 [ 341.912344][T12671] bpf_prog_f476d5219b92964a+0x1e/0x20 [ 341.912352][T12671] bpf_prog_run_generic_xdp+0xe33/0x1500 [ 341.912367][T12671] do_xdp_generic+0x70a/0xe70 [ 341.912378][T12671] ? __pfx_do_xdp_generic+0x10/0x10 [ 341.912392][T12671] ? tun_get_user+0x1d55/0x3e50 [ 341.912407][T12671] tun_get_user+0x1e04/0x3e50 [ 341.912422][T12671] ? __pfx___futex_wait+0x10/0x10 [ 341.912437][T12671] ? __pfx_tun_get_user+0x10/0x10 [ 341.912450][T12671] ? find_held_lock+0x2d/0x110 [ 341.912461][T12671] ? __pfx_lock_release+0x10/0x10 [ 341.912477][T12671] tun_chr_write_iter+0xdc/0x210 [ 341.912491][T12671] vfs_write+0x5ae/0x1150 [ 341.912504][T12671] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 341.912518][T12671] ? __pfx_lock_release+0x10/0x10 [ 341.912531][T12671] ? __pfx_vfs_write+0x10/0x10 [ 341.912544][T12671] ? lock_acquire+0x2f/0xb0 [ 341.912556][T12671] ? __fget_files+0x40/0x3b0 [ 341.912572][T12671] ksys_write+0x12b/0x250 [ 341.912584][T12671] ? __pfx_ksys_write+0x10/0x10 [ 341.912598][T12671] __do_fast_syscall_32+0x73/0x120 [ 341.912612][T12671] do_fast_syscall_32+0x32/0x80 [ 341.912626][T12671] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 341.912641][T12671] RIP: 0023:0xf744e579 [ 341.912649][T12671] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 341.912659][T12671] RSP: 002b:00000000f50d6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 341.912668][T12671] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000a80 [ 341.912674][T12671] RDX: 000000000000fdef RSI: 00000000f743cff4 RDI: 0000000000000000 [ 341.912680][T12671] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 341.912686][T12671] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 341.912691][T12671] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 341.912700][T12671] [ 341.912732][T12671] BUG: Bad page state in process syz.3.2183 pfn:5b8f0 [ 341.992173][T12671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88805b8f0000 pfn:0x5b8f0 [ 341.995724][T12671] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 341.997794][T12671] raw: 04fff00000000000 dead000000000040 ffff88801f1b5000 0000000000000000 [ 342.000196][T12671] raw: ffff88805b8f0000 0000000000000001 00000000ffffffff 0000000000000000 [ 342.002555][T12671] page dumped because: page_pool leak [ 342.004058][T12671] page_owner tracks the page as allocated [ 342.005733][T12671] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12671, tgid 12670 (syz.3.2183), ts 341334677990, free_ts 340755850285 [ 342.010388][T12671] post_alloc_hook+0x181/0x1b0 [ 342.011744][T12671] get_page_from_freelist+0xfce/0x2f80 [ 342.013261][T12671] __alloc_frozen_pages_noprof+0x221/0x2470 [ 342.015001][T12671] alloc_pages_bulk_noprof+0x6f9/0x1390 [ 342.016731][T12671] __page_pool_alloc_pages_slow+0x18c/0x770 [ 342.018590][T12671] page_pool_alloc_netmems+0xc4/0x160 [ 342.020288][T12671] skb_pp_cow_data+0x776/0xf10 [ 342.021652][T12671] skb_cow_data_for_xdp+0x88/0xb0 [ 342.023074][T12671] do_xdp_generic+0x3f1/0xe70 [ 342.024401][T12671] tun_get_user+0x1e04/0x3e50 [ 342.025794][T12671] tun_chr_write_iter+0xdc/0x210 [ 342.027213][T12671] vfs_write+0x5ae/0x1150 [ 342.028479][T12671] ksys_write+0x12b/0x250 [ 342.029738][T12671] __do_fast_syscall_32+0x73/0x120 [ 342.031271][T12671] do_fast_syscall_32+0x32/0x80 [ 342.032734][T12671] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 342.034623][T12671] page last free pid 0 tgid 0 stack trace: [ 342.036359][T12671] free_frozen_pages+0x6db/0xfb0 [ 342.037805][T12671] tlb_remove_table_rcu+0x116/0x1a0 [ 342.039242][T12671] rcu_core+0x79d/0x14d0 [ 342.040429][T12671] handle_softirqs+0x213/0x8f0 [ 342.041783][T12671] __irq_exit_rcu+0x109/0x170 [ 342.043135][T12671] irq_exit_rcu+0x9/0x30 [ 342.044352][T12671] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 342.045934][T12671] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 342.047660][T12671] Modules linked in: [ 342.048824][T12671] CPU: 0 UID: 0 PID: 12671 Comm: syz.3.2183 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0 [ 342.048839][T12671] Tainted: [B]=BAD_PAGE [ 342.048843][T12671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 342.048857][T12671] Call Trace: [ 342.048863][T12671] [ 342.048867][T12671] dump_stack_lvl+0x16c/0x1f0 [ 342.048888][T12671] bad_page+0xb3/0x1f0 [ 342.048897][T12671] ? __pfx_bad_page+0x10/0x10 [ 342.048907][T12671] ? page_bad_reason+0x9d/0x1e0 [ 342.048917][T12671] free_frozen_pages+0x701/0xfb0 [ 342.048931][T12671] page_frag_free+0x255/0x2a0 [ 342.048941][T12671] __xdp_return+0x363/0xac0 [ 342.048955][T12671] ? kmem_cache_free+0x2e2/0x4d0 [ 342.048968][T12671] bpf_xdp_adjust_tail+0x9de/0xf70 [ 342.048986][T12671] bpf_prog_f476d5219b92964a+0x1e/0x20 [ 342.048994][T12671] bpf_prog_run_generic_xdp+0xe33/0x1500 [ 342.049009][T12671] do_xdp_generic+0x70a/0xe70 [ 342.049020][T12671] ? __pfx_do_xdp_generic+0x10/0x10 [ 342.049034][T12671] ? tun_get_user+0x1d55/0x3e50 [ 342.049049][T12671] tun_get_user+0x1e04/0x3e50 [ 342.049064][T12671] ? __pfx___futex_wait+0x10/0x10 [ 342.049079][T12671] ? __pfx_tun_get_user+0x10/0x10 [ 342.049092][T12671] ? find_held_lock+0x2d/0x110 [ 342.049118][T12671] ? __pfx_lock_release+0x10/0x10 [ 342.049136][T12671] tun_chr_write_iter+0xdc/0x210 [ 342.049150][T12671] vfs_write+0x5ae/0x1150 [ 342.049163][T12671] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 342.049177][T12671] ? __pfx_lock_release+0x10/0x10 [ 342.049193][T12671] ? __pfx_vfs_write+0x10/0x10 [ 342.049206][T12671] ? lock_acquire+0x2f/0xb0 [ 342.049218][T12671] ? __fget_files+0x40/0x3b0 [ 342.049234][T12671] ksys_write+0x12b/0x250 [ 342.049246][T12671] ? __pfx_ksys_write+0x10/0x10 [ 342.049260][T12671] __do_fast_syscall_32+0x73/0x120 [ 342.049275][T12671] do_fast_syscall_32+0x32/0x80 [ 342.049288][T12671] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 342.049303][T12671] RIP: 0023:0xf744e579 [ 342.049311][T12671] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 342.049321][T12671] RSP: 002b:00000000f50d6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 342.049331][T12671] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000a80 [ 342.049337][T12671] RDX: 000000000000fdef RSI: 00000000f743cff4 RDI: 0000000000000000 [ 342.049343][T12671] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 342.049348][T12671] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 342.049354][T12671] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 342.049362][T12671] [ 342.049396][T12671] BUG: Bad page state in process syz.3.2183 pfn:71f1b [ 342.124338][T12671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x71f1b [ 342.126881][T12671] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 342.128897][T12671] raw: 04fff00000000000 dead000000000040 ffff88801f1b5000 0000000000000000 [ 342.131298][T12671] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000 [ 342.133674][T12671] page dumped because: page_pool leak [ 342.135187][T12671] page_owner tracks the page as allocated [ 342.136859][T12671] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12671, tgid 12670 (syz.3.2183), ts 341334673455, free_ts 340755860194 [ 342.141561][T12671] post_alloc_hook+0x181/0x1b0 [ 342.142937][T12671] get_page_from_freelist+0xfce/0x2f80 [ 342.144508][T12671] __alloc_frozen_pages_noprof+0x221/0x2470 [ 342.146269][T12671] alloc_pages_bulk_noprof+0x6f9/0x1390 [ 342.147839][T12671] __page_pool_alloc_pages_slow+0x18c/0x770 [ 342.149575][T12671] page_pool_alloc_netmems+0xc4/0x160 [ 342.151097][T12671] skb_pp_cow_data+0x776/0xf10 [ 342.152470][T12671] skb_cow_data_for_xdp+0x88/0xb0 [ 342.153902][T12671] do_xdp_generic+0x3f1/0xe70 [ 342.155239][T12671] tun_get_user+0x1e04/0x3e50 [ 342.156615][T12671] tun_chr_write_iter+0xdc/0x210 [ 342.158054][T12671] vfs_write+0x5ae/0x1150 [ 342.159314][T12671] ksys_write+0x12b/0x250 [ 342.160549][T12671] __do_fast_syscall_32+0x73/0x120 [ 342.162034][T12671] do_fast_syscall_32+0x32/0x80 [ 342.163404][T12671] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 342.165184][T12671] page last free pid 0 tgid 0 stack trace: [ 342.166855][T12671] free_frozen_pages+0x6db/0xfb0 [ 342.168261][T12671] tlb_remove_table_rcu+0x116/0x1a0 [ 342.169759][T12671] rcu_core+0x79d/0x14d0 [ 342.170971][T12671] handle_softirqs+0x213/0x8f0 [ 342.172328][T12671] __irq_exit_rcu+0x109/0x170 [ 342.173671][T12671] irq_exit_rcu+0x9/0x30 [ 342.174884][T12671] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 342.176543][T12671] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 342.178259][T12671] Modules linked in: [ 342.179542][T12671] CPU: 0 UID: 0 PID: 12671 Comm: syz.3.2183 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0 [ 342.179557][T12671] Tainted: [B]=BAD_PAGE [ 342.179561][T12671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 342.179576][T12671] Call Trace: [ 342.179581][T12671] [ 342.179585][T12671] dump_stack_lvl+0x16c/0x1f0 [ 342.179601][T12671] bad_page+0xb3/0x1f0 [ 342.179611][T12671] ? __pfx_bad_page+0x10/0x10 [ 342.179621][T12671] ? page_bad_reason+0x9d/0x1e0 [ 342.179631][T12671] free_frozen_pages+0x701/0xfb0 [ 342.179645][T12671] page_frag_free+0x255/0x2a0 [ 342.179655][T12671] __xdp_return+0x363/0xac0 [ 342.179669][T12671] ? kmem_cache_free+0x2e2/0x4d0 [ 342.179683][T12671] bpf_xdp_adjust_tail+0x9de/0xf70 [ 342.179700][T12671] bpf_prog_f476d5219b92964a+0x1e/0x20 [ 342.179708][T12671] bpf_prog_run_generic_xdp+0xe33/0x1500 [ 342.179722][T12671] do_xdp_generic+0x70a/0xe70 [ 342.179733][T12671] ? __pfx_do_xdp_generic+0x10/0x10 [ 342.179747][T12671] ? tun_get_user+0x1d55/0x3e50 [ 342.179763][T12671] tun_get_user+0x1e04/0x3e50 [ 342.179778][T12671] ? __pfx___futex_wait+0x10/0x10 [ 342.179792][T12671] ? __pfx_tun_get_user+0x10/0x10 [ 342.179806][T12671] ? find_held_lock+0x2d/0x110 [ 342.179817][T12671] ? __pfx_lock_release+0x10/0x10 [ 342.179833][T12671] tun_chr_write_iter+0xdc/0x210 [ 342.179847][T12671] vfs_write+0x5ae/0x1150 [ 342.179864][T12671] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 342.179878][T12671] ? __pfx_lock_release+0x10/0x10 [ 342.179891][T12671] ? __pfx_vfs_write+0x10/0x10 [ 342.179903][T12671] ? lock_acquire+0x2f/0xb0 [ 342.179916][T12671] ? __fget_files+0x40/0x3b0 [ 342.179931][T12671] ksys_write+0x12b/0x250 [ 342.179944][T12671] ? __pfx_ksys_write+0x10/0x10 [ 342.179958][T12671] __do_fast_syscall_32+0x73/0x120 [ 342.179972][T12671] do_fast_syscall_32+0x32/0x80 [ 342.179985][T12671] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 342.180001][T12671] RIP: 0023:0xf744e579 [ 342.180009][T12671] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 342.180018][T12671] RSP: 002b:00000000f50d6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 342.180028][T12671] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000a80 [ 342.180034][T12671] RDX: 000000000000fdef RSI: 00000000f743cff4 RDI: 0000000000000000 [ 342.180040][T12671] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 342.180046][T12671] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 342.180052][T12671] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 342.180060][T12671] [ 342.180093][T12671] BUG: Bad page state in process syz.3.2183 pfn:4ab45 [ 342.256141][T12671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4ab45 [ 342.258657][T12671] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 342.260695][T12671] raw: 04fff00000000000 dead000000000040 ffff88801f1b5000 0000000000000000 [ 342.263220][T12671] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000 [ 342.265694][T12671] page dumped because: page_pool leak [ 342.267240][T12671] page_owner tracks the page as allocated [ 342.268838][T12671] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12671, tgid 12670 (syz.3.2183), ts 341334668361, free_ts 340755901698 [ 342.273536][T12671] post_alloc_hook+0x181/0x1b0 [ 342.274925][T12671] get_page_from_freelist+0xfce/0x2f80 [ 342.276558][T12671] __alloc_frozen_pages_noprof+0x221/0x2470 [ 342.278269][T12671] alloc_pages_bulk_noprof+0x6f9/0x1390 [ 342.279876][T12671] __page_pool_alloc_pages_slow+0x18c/0x770 [ 342.281608][T12671] page_pool_alloc_netmems+0xc4/0x160 [ 342.283150][T12671] skb_pp_cow_data+0x776/0xf10 [ 342.284523][T12671] skb_cow_data_for_xdp+0x88/0xb0 [ 342.286016][T12671] do_xdp_generic+0x3f1/0xe70 [ 342.287348][T12671] tun_get_user+0x1e04/0x3e50 [ 342.288700][T12671] tun_chr_write_iter+0xdc/0x210 [ 342.290141][T12671] vfs_write+0x5ae/0x1150 [ 342.291413][T12671] ksys_write+0x12b/0x250 [ 342.292677][T12671] __do_fast_syscall_32+0x73/0x120 [ 342.294182][T12671] do_fast_syscall_32+0x32/0x80 [ 342.295619][T12671] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 342.297507][T12671] page last free pid 0 tgid 0 stack trace: [ 342.299219][T12671] free_frozen_pages+0x6db/0xfb0 [ 342.300686][T12671] tlb_remove_table_rcu+0x116/0x1a0 [ 342.302462][T12671] rcu_core+0x79d/0x14d0 [ 342.303732][T12671] handle_softirqs+0x213/0x8f0 [ 342.305216][T12671] __irq_exit_rcu+0x109/0x170 [ 342.306648][T12671] irq_exit_rcu+0x9/0x30 [ 342.307931][T12671] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 342.309557][T12671] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 342.311310][T12671] Modules linked in: [ 342.312449][T12671] CPU: 0 UID: 0 PID: 12671 Comm: syz.3.2183 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0 [ 342.312464][T12671] Tainted: [B]=BAD_PAGE [ 342.312467][T12671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 342.312473][T12671] Call Trace: [ 342.312487][T12671] [ 342.312492][T12671] dump_stack_lvl+0x16c/0x1f0 [ 342.312508][T12671] bad_page+0xb3/0x1f0 [ 342.312518][T12671] ? __pfx_bad_page+0x10/0x10 [ 342.312528][T12671] ? page_bad_reason+0x9d/0x1e0 [ 342.312538][T12671] free_frozen_pages+0x701/0xfb0 [ 342.312552][T12671] page_frag_free+0x255/0x2a0 [ 342.312562][T12671] __xdp_return+0x363/0xac0 [ 342.312576][T12671] ? kmem_cache_free+0x2e2/0x4d0 [ 342.312590][T12671] bpf_xdp_adjust_tail+0x9de/0xf70 [ 342.312608][T12671] bpf_prog_f476d5219b92964a+0x1e/0x20 [ 342.312616][T12671] bpf_prog_run_generic_xdp+0xe33/0x1500 [ 342.312631][T12671] do_xdp_generic+0x70a/0xe70 [ 342.312642][T12671] ? __pfx_do_xdp_generic+0x10/0x10 [ 342.312656][T12671] ? tun_get_user+0x1d55/0x3e50 [ 342.312672][T12671] tun_get_user+0x1e04/0x3e50 [ 342.312687][T12671] ? __pfx___futex_wait+0x10/0x10 [ 342.312702][T12671] ? __pfx_tun_get_user+0x10/0x10 [ 342.312715][T12671] ? find_held_lock+0x2d/0x110 [ 342.312727][T12671] ? __pfx_lock_release+0x10/0x10 [ 342.312744][T12671] tun_chr_write_iter+0xdc/0x210 [ 342.312758][T12671] vfs_write+0x5ae/0x1150 [ 342.312772][T12671] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 342.312786][T12671] ? __pfx_lock_release+0x10/0x10 [ 342.312799][T12671] ? __pfx_vfs_write+0x10/0x10 [ 342.312812][T12671] ? lock_acquire+0x2f/0xb0 [ 342.312824][T12671] ? __fget_files+0x40/0x3b0 [ 342.312840][T12671] ksys_write+0x12b/0x250 [ 342.312852][T12671] ? __pfx_ksys_write+0x10/0x10 [ 342.312866][T12671] __do_fast_syscall_32+0x73/0x120 [ 342.312880][T12671] do_fast_syscall_32+0x32/0x80 [ 342.312897][T12671] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 342.312913][T12671] RIP: 0023:0xf744e579 [ 342.312920][T12671] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 342.312930][T12671] RSP: 002b:00000000f50d6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 342.312940][T12671] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000a80 [ 342.312946][T12671] RDX: 000000000000fdef RSI: 00000000f743cff4 RDI: 0000000000000000 [ 342.312952][T12671] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 342.312957][T12671] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 342.312963][T12671] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 342.312971][T12671] [ 342.313008][T12671] BUG: Bad page state in process syz.3.2183 pfn:45f7b [ 342.387562][T12671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x45f7b [ 342.390317][T12671] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 342.392455][T12671] raw: 04fff00000000000 dead000000000040 ffff88801f1b5000 0000000000000000 [ 342.394870][T12671] raw: ffff888000000000 0000000000000001 00000000ffffffff 0000000000000000 [ 342.397359][T12671] page dumped because: page_pool leak [ 342.398872][T12671] page_owner tracks the page as allocated [ 342.400494][T12671] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12671, tgid 12670 (syz.3.2183), ts 341334638641, free_ts 340755912780 [ 342.405239][T12671] post_alloc_hook+0x181/0x1b0 [ 342.406686][T12671] get_page_from_freelist+0xfce/0x2f80 [ 342.408290][T12671] __alloc_frozen_pages_noprof+0x221/0x2470 [ 342.410009][T12671] alloc_pages_bulk_noprof+0x6f9/0x1390 [ 342.411592][T12671] __page_pool_alloc_pages_slow+0x18c/0x770 [ 342.413302][T12671] page_pool_alloc_netmems+0xc4/0x160 [ 342.414856][T12671] skb_pp_cow_data+0x776/0xf10 [ 342.416378][T12671] skb_cow_data_for_xdp+0x88/0xb0 [ 342.417836][T12671] do_xdp_generic+0x3f1/0xe70 [ 342.419210][T12671] tun_get_user+0x1e04/0x3e50 [ 342.420561][T12671] tun_chr_write_iter+0xdc/0x210 [ 342.422003][T12671] vfs_write+0x5ae/0x1150 [ 342.423240][T12671] ksys_write+0x12b/0x250 [ 342.424479][T12671] __do_fast_syscall_32+0x73/0x120 [ 342.426033][T12671] do_fast_syscall_32+0x32/0x80 [ 342.427426][T12671] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 342.429249][T12671] page last free pid 0 tgid 0 stack trace: [ 342.430901][T12671] free_frozen_pages+0x6db/0xfb0 [ 342.432357][T12671] tlb_remove_table_rcu+0x116/0x1a0 [ 342.433839][T12671] rcu_core+0x79d/0x14d0 [ 342.435061][T12671] handle_softirqs+0x213/0x8f0 [ 342.436510][T12671] __irq_exit_rcu+0x109/0x170 [ 342.437865][T12671] irq_exit_rcu+0x9/0x30 [ 342.439083][T12671] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 342.440681][T12671] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 342.442453][T12671] Modules linked in: [ 342.443581][T12671] CPU: 0 UID: 0 PID: 12671 Comm: syz.3.2183 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0 [ 342.443596][T12671] Tainted: [B]=BAD_PAGE [ 342.443608][T12671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 342.443615][T12671] Call Trace: [ 342.443619][T12671] [ 342.443623][T12671] dump_stack_lvl+0x16c/0x1f0 [ 342.443638][T12671] bad_page+0xb3/0x1f0 [ 342.443647][T12671] ? __pfx_bad_page+0x10/0x10 [ 342.443657][T12671] ? page_bad_reason+0x9d/0x1e0 [ 342.443667][T12671] free_frozen_pages+0x701/0xfb0 [ 342.443681][T12671] page_frag_free+0x255/0x2a0 [ 342.443690][T12671] __xdp_return+0x363/0xac0 [ 342.443705][T12671] ? kmem_cache_free+0x2e2/0x4d0 [ 342.443719][T12671] bpf_xdp_adjust_tail+0x9de/0xf70 [ 342.443736][T12671] bpf_prog_f476d5219b92964a+0x1e/0x20 [ 342.443744][T12671] bpf_prog_run_generic_xdp+0xe33/0x1500 [ 342.443759][T12671] do_xdp_generic+0x70a/0xe70 [ 342.443770][T12671] ? __pfx_do_xdp_generic+0x10/0x10 [ 342.443783][T12671] ? tun_get_user+0x1d55/0x3e50 [ 342.443799][T12671] tun_get_user+0x1e04/0x3e50 [ 342.443814][T12671] ? __pfx___futex_wait+0x10/0x10 [ 342.443829][T12671] ? __pfx_tun_get_user+0x10/0x10 [ 342.443843][T12671] ? find_held_lock+0x2d/0x110 [ 342.443854][T12671] ? __pfx_lock_release+0x10/0x10 [ 342.443870][T12671] tun_chr_write_iter+0xdc/0x210 [ 342.443887][T12671] vfs_write+0x5ae/0x1150 [ 342.443901][T12671] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 342.443915][T12671] ? __pfx_lock_release+0x10/0x10 [ 342.443927][T12671] ? __pfx_vfs_write+0x10/0x10 [ 342.443940][T12671] ? lock_acquire+0x2f/0xb0 [ 342.443952][T12671] ? __fget_files+0x40/0x3b0 [ 342.443968][T12671] ksys_write+0x12b/0x250 [ 342.443981][T12671] ? __pfx_ksys_write+0x10/0x10 [ 342.443995][T12671] __do_fast_syscall_32+0x73/0x120 [ 342.444009][T12671] do_fast_syscall_32+0x32/0x80 [ 342.444022][T12671] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 342.444037][T12671] RIP: 0023:0xf744e579 [ 342.444044][T12671] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 342.444054][T12671] RSP: 002b:00000000f50d6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 342.444063][T12671] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000a80 [ 342.444069][T12671] RDX: 000000000000fdef RSI: 00000000f743cff4 RDI: 0000000000000000 [ 342.444075][T12671] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 342.444081][T12671] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 342.444086][T12671] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 342.444094][T12671] [ 342.444126][T12671] BUG: Bad page state in process syz.3.2183 pfn:69607 [ 342.520084][T12671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x69607 [ 342.522560][T12671] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 342.524590][T12671] raw: 04fff00000000000 dead000000000040 ffff88801f1b5000 0000000000000000 [ 342.527069][T12671] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000 [ 342.529481][T12671] page dumped because: page_pool leak [ 342.531042][T12671] page_owner tracks the page as allocated [ 342.532645][T12671] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12671, tgid 12670 (syz.3.2183), ts 341334634580, free_ts 340755948630 [ 342.537393][T12671] post_alloc_hook+0x181/0x1b0 [ 342.538777][T12671] get_page_from_freelist+0xfce/0x2f80 [ 342.540287][T12671] __alloc_frozen_pages_noprof+0x221/0x2470 [ 342.541964][T12671] alloc_pages_bulk_noprof+0x6f9/0x1390 [ 342.543503][T12671] __page_pool_alloc_pages_slow+0x18c/0x770 [ 342.545161][T12671] page_pool_alloc_netmems+0xc4/0x160 [ 342.546702][T12671] skb_pp_cow_data+0x776/0xf10 [ 342.548044][T12671] skb_cow_data_for_xdp+0x88/0xb0 [ 342.549454][T12671] do_xdp_generic+0x3f1/0xe70 [ 342.550771][T12671] tun_get_user+0x1e04/0x3e50 [ 342.552079][T12671] tun_chr_write_iter+0xdc/0x210 [ 342.553466][T12671] vfs_write+0x5ae/0x1150 [ 342.554678][T12671] ksys_write+0x12b/0x250 [ 342.555945][T12671] __do_fast_syscall_32+0x73/0x120 [ 342.557416][T12671] do_fast_syscall_32+0x32/0x80 [ 342.558771][T12671] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 342.560535][T12671] page last free pid 0 tgid 0 stack trace: [ 342.562173][T12671] free_frozen_pages+0x6db/0xfb0 [ 342.563548][T12671] tlb_remove_table_rcu+0x116/0x1a0 [ 342.564980][T12671] rcu_core+0x79d/0x14d0 [ 342.566235][T12671] handle_softirqs+0x213/0x8f0 [ 342.567606][T12671] __irq_exit_rcu+0x109/0x170 [ 342.568923][T12671] irq_exit_rcu+0x9/0x30 [ 342.570126][T12671] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 342.571687][T12671] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 342.573356][T12671] Modules linked in: [ 342.574482][T12671] CPU: 0 UID: 0 PID: 12671 Comm: syz.3.2183 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0 [ 342.574497][T12671] Tainted: [B]=BAD_PAGE [ 342.574500][T12671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 342.574506][T12671] Call Trace: [ 342.574510][T12671] [ 342.574514][T12671] dump_stack_lvl+0x16c/0x1f0 [ 342.574528][T12671] bad_page+0xb3/0x1f0 [ 342.574549][T12671] ? __pfx_bad_page+0x10/0x10 [ 342.574558][T12671] ? page_bad_reason+0x9d/0x1e0 [ 342.574568][T12671] free_frozen_pages+0x701/0xfb0 [ 342.574582][T12671] page_frag_free+0x255/0x2a0 [ 342.574591][T12671] __xdp_return+0x363/0xac0 [ 342.574606][T12671] ? kmem_cache_free+0x2e2/0x4d0 [ 342.574620][T12671] bpf_xdp_adjust_tail+0x9de/0xf70 [ 342.574637][T12671] bpf_prog_f476d5219b92964a+0x1e/0x20 [ 342.574645][T12671] bpf_prog_run_generic_xdp+0xe33/0x1500 [ 342.574659][T12671] do_xdp_generic+0x70a/0xe70 [ 342.574671][T12671] ? __pfx_do_xdp_generic+0x10/0x10 [ 342.574684][T12671] ? tun_get_user+0x1d55/0x3e50 [ 342.574699][T12671] tun_get_user+0x1e04/0x3e50 [ 342.574714][T12671] ? __pfx___futex_wait+0x10/0x10 [ 342.574729][T12671] ? __pfx_tun_get_user+0x10/0x10 [ 342.574741][T12671] ? find_held_lock+0x2d/0x110 [ 342.574754][T12671] ? __pfx_lock_release+0x10/0x10 [ 342.574769][T12671] tun_chr_write_iter+0xdc/0x210 [ 342.574783][T12671] vfs_write+0x5ae/0x1150 [ 342.574797][T12671] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 342.574810][T12671] ? __pfx_lock_release+0x10/0x10 [ 342.574823][T12671] ? __pfx_vfs_write+0x10/0x10 [ 342.574836][T12671] ? lock_acquire+0x2f/0xb0 [ 342.574851][T12671] ? __fget_files+0x40/0x3b0 [ 342.574867][T12671] ksys_write+0x12b/0x250 [ 342.574880][T12671] ? __pfx_ksys_write+0x10/0x10 [ 342.574894][T12671] __do_fast_syscall_32+0x73/0x120 [ 342.574908][T12671] do_fast_syscall_32+0x32/0x80 [ 342.574921][T12671] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 342.574937][T12671] RIP: 0023:0xf744e579 [ 342.574945][T12671] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 342.574954][T12671] RSP: 002b:00000000f50d6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 342.574964][T12671] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000a80 [ 342.574970][T12671] RDX: 000000000000fdef RSI: 00000000f743cff4 RDI: 0000000000000000 [ 342.574976][T12671] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 342.574981][T12671] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 342.574987][T12671] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 342.574995][T12671] [ 342.575028][T12671] BUG: Bad page state in process syz.3.2183 pfn:67435 [ 342.649411][T12671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x67435 [ 342.652207][T12671] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 342.654196][T12671] raw: 04fff00000000000 dead000000000040 ffff88801f1b5000 0000000000000000 [ 342.656658][T12671] raw: ffff888000000000 0000000000000001 00000000ffffffff 0000000000000000 [ 342.659051][T12671] page dumped because: page_pool leak [ 342.660539][T12671] page_owner tracks the page as allocated [ 342.662178][T12671] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12671, tgid 12670 (syz.3.2183), ts 341334630225, free_ts 340755962727 [ 342.666885][T12671] post_alloc_hook+0x181/0x1b0 [ 342.668252][T12671] get_page_from_freelist+0xfce/0x2f80 [ 342.669781][T12671] __alloc_frozen_pages_noprof+0x221/0x2470 [ 342.671470][T12671] alloc_pages_bulk_noprof+0x6f9/0x1390 [ 342.673014][T12671] __page_pool_alloc_pages_slow+0x18c/0x770 [ 342.674680][T12671] page_pool_alloc_netmems+0xc4/0x160 [ 342.676242][T12671] skb_pp_cow_data+0x776/0xf10 [ 342.677618][T12671] skb_cow_data_for_xdp+0x88/0xb0 [ 342.679051][T12671] do_xdp_generic+0x3f1/0xe70 [ 342.680395][T12671] tun_get_user+0x1e04/0x3e50 [ 342.681755][T12671] tun_chr_write_iter+0xdc/0x210 [ 342.683155][T12671] vfs_write+0x5ae/0x1150 [ 342.684385][T12671] ksys_write+0x12b/0x250 [ 342.685657][T12671] __do_fast_syscall_32+0x73/0x120 [ 342.687093][T12671] do_fast_syscall_32+0x32/0x80 [ 342.688478][T12671] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 342.690257][T12671] page last free pid 0 tgid 0 stack trace: [ 342.691892][T12671] free_frozen_pages+0x6db/0xfb0 [ 342.693281][T12671] tlb_remove_table_rcu+0x116/0x1a0 [ 342.694718][T12671] rcu_core+0x79d/0x14d0 [ 342.695954][T12671] handle_softirqs+0x213/0x8f0 [ 342.697326][T12671] __irq_exit_rcu+0x109/0x170 [ 342.698657][T12671] irq_exit_rcu+0x9/0x30 [ 342.699836][T12671] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 342.701424][T12671] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 342.703066][T12671] Modules linked in: [ 342.704173][T12671] CPU: 0 UID: 0 PID: 12671 Comm: syz.3.2183 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0 [ 342.704188][T12671] Tainted: [B]=BAD_PAGE [ 342.704191][T12671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 342.704198][T12671] Call Trace: [ 342.704201][T12671] [ 342.704205][T12671] dump_stack_lvl+0x16c/0x1f0 [ 342.704229][T12671] bad_page+0xb3/0x1f0 [ 342.704240][T12671] ? __pfx_bad_page+0x10/0x10 [ 342.704250][T12671] ? page_bad_reason+0x9d/0x1e0 [ 342.704260][T12671] free_frozen_pages+0x701/0xfb0 [ 342.704274][T12671] page_frag_free+0x255/0x2a0 [ 342.704284][T12671] __xdp_return+0x363/0xac0 [ 342.704298][T12671] ? kmem_cache_free+0x2e2/0x4d0 [ 342.704312][T12671] bpf_xdp_adjust_tail+0x9de/0xf70 [ 342.704329][T12671] bpf_prog_f476d5219b92964a+0x1e/0x20 [ 342.704337][T12671] bpf_prog_run_generic_xdp+0xe33/0x1500 [ 342.704352][T12671] do_xdp_generic+0x70a/0xe70 [ 342.704363][T12671] ? __pfx_do_xdp_generic+0x10/0x10 [ 342.704377][T12671] ? tun_get_user+0x1d55/0x3e50 [ 342.704392][T12671] tun_get_user+0x1e04/0x3e50 [ 342.704407][T12671] ? __pfx___futex_wait+0x10/0x10 [ 342.704422][T12671] ? __pfx_tun_get_user+0x10/0x10 [ 342.704435][T12671] ? find_held_lock+0x2d/0x110 [ 342.704447][T12671] ? __pfx_lock_release+0x10/0x10 [ 342.704463][T12671] tun_chr_write_iter+0xdc/0x210 [ 342.704476][T12671] vfs_write+0x5ae/0x1150 [ 342.704490][T12671] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 342.704503][T12671] ? __pfx_lock_release+0x10/0x10 [ 342.704516][T12671] ? __pfx_vfs_write+0x10/0x10 [ 342.704529][T12671] ? lock_acquire+0x2f/0xb0 [ 342.704541][T12671] ? __fget_files+0x40/0x3b0 [ 342.704557][T12671] ksys_write+0x12b/0x250 [ 342.704569][T12671] ? __pfx_ksys_write+0x10/0x10 [ 342.704583][T12671] __do_fast_syscall_32+0x73/0x120 [ 342.704598][T12671] do_fast_syscall_32+0x32/0x80 [ 342.704611][T12671] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 342.704627][T12671] RIP: 0023:0xf744e579 [ 342.704634][T12671] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 342.704644][T12671] RSP: 002b:00000000f50d6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 342.704654][T12671] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000a80 [ 342.704660][T12671] RDX: 000000000000fdef RSI: 00000000f743cff4 RDI: 0000000000000000 [ 342.704666][T12671] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 342.704672][T12671] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 342.704677][T12671] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 342.704686][T12671] [ 342.704717][T12671] BUG: Bad page state in process syz.3.2183 pfn:4b88a [ 342.778723][T12671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x4b88a [ 342.781532][T12671] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 342.783557][T12671] raw: 04fff00000000000 dead000000000040 ffff88801f1b5000 0000000000000000 [ 342.785996][T12671] raw: ffff888000000000 0000000000000001 00000000ffffffff 0000000000000000 [ 342.788395][T12671] page dumped because: page_pool leak [ 342.789919][T12671] page_owner tracks the page as allocated [ 342.791535][T12671] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12671, tgid 12670 (syz.3.2183), ts 341334625614, free_ts 340755972516 [ 342.796259][T12671] post_alloc_hook+0x181/0x1b0 [ 342.797633][T12671] get_page_from_freelist+0xfce/0x2f80 [ 342.799213][T12671] __alloc_frozen_pages_noprof+0x221/0x2470 [ 342.800905][T12671] alloc_pages_bulk_noprof+0x6f9/0x1390 [ 342.802500][T12671] __page_pool_alloc_pages_slow+0x18c/0x770 [ 342.804193][T12671] page_pool_alloc_netmems+0xc4/0x160 [ 342.805771][T12671] skb_pp_cow_data+0x776/0xf10 [ 342.807155][T12671] skb_cow_data_for_xdp+0x88/0xb0 [ 342.808615][T12671] do_xdp_generic+0x3f1/0xe70 [ 342.809977][T12671] tun_get_user+0x1e04/0x3e50 [ 342.811342][T12671] tun_chr_write_iter+0xdc/0x210 [ 342.812758][T12671] vfs_write+0x5ae/0x1150 [ 342.814016][T12671] ksys_write+0x12b/0x250 [ 342.815262][T12671] __do_fast_syscall_32+0x73/0x120 [ 342.816773][T12671] do_fast_syscall_32+0x32/0x80 [ 342.818179][T12671] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 342.819989][T12671] page last free pid 0 tgid 0 stack trace: [ 342.821646][T12671] free_frozen_pages+0x6db/0xfb0 [ 342.823070][T12671] tlb_remove_table_rcu+0x116/0x1a0 [ 342.824555][T12671] rcu_core+0x79d/0x14d0 [ 342.825827][T12671] handle_softirqs+0x213/0x8f0 [ 342.827192][T12671] __irq_exit_rcu+0x109/0x170 [ 342.828552][T12671] irq_exit_rcu+0x9/0x30 [ 342.829782][T12671] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 342.831386][T12671] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 342.833079][T12671] Modules linked in: [ 342.834240][T12671] CPU: 0 UID: 0 PID: 12671 Comm: syz.3.2183 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0 [ 342.834255][T12671] Tainted: [B]=BAD_PAGE [ 342.834259][T12671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 342.834275][T12671] Call Trace: [ 342.834278][T12671] [ 342.834282][T12671] dump_stack_lvl+0x16c/0x1f0 [ 342.834298][T12671] bad_page+0xb3/0x1f0 [ 342.834308][T12671] ? __pfx_bad_page+0x10/0x10 [ 342.834318][T12671] ? page_bad_reason+0x9d/0x1e0 [ 342.834327][T12671] free_frozen_pages+0x701/0xfb0 [ 342.834341][T12671] page_frag_free+0x255/0x2a0 [ 342.834351][T12671] __xdp_return+0x363/0xac0 [ 342.834365][T12671] ? kmem_cache_free+0x2e2/0x4d0 [ 342.834379][T12671] bpf_xdp_adjust_tail+0x9de/0xf70 [ 342.834397][T12671] bpf_prog_f476d5219b92964a+0x1e/0x20 [ 342.834405][T12671] bpf_prog_run_generic_xdp+0xe33/0x1500 [ 342.834420][T12671] do_xdp_generic+0x70a/0xe70 [ 342.834431][T12671] ? __pfx_do_xdp_generic+0x10/0x10 [ 342.834445][T12671] ? tun_get_user+0x1d55/0x3e50 [ 342.834462][T12671] tun_get_user+0x1e04/0x3e50 [ 342.834477][T12671] ? __pfx___futex_wait+0x10/0x10 [ 342.834491][T12671] ? __pfx_tun_get_user+0x10/0x10 [ 342.834504][T12671] ? find_held_lock+0x2d/0x110 [ 342.834516][T12671] ? __pfx_lock_release+0x10/0x10 [ 342.834532][T12671] tun_chr_write_iter+0xdc/0x210 [ 342.834546][T12671] vfs_write+0x5ae/0x1150 [ 342.834559][T12671] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 342.834573][T12671] ? __pfx_lock_release+0x10/0x10 [ 342.834586][T12671] ? __pfx_vfs_write+0x10/0x10 [ 342.834598][T12671] ? lock_acquire+0x2f/0xb0 [ 342.834610][T12671] ? __fget_files+0x40/0x3b0 [ 342.834626][T12671] ksys_write+0x12b/0x250 [ 342.834638][T12671] ? __pfx_ksys_write+0x10/0x10 [ 342.834653][T12671] __do_fast_syscall_32+0x73/0x120 [ 342.834667][T12671] do_fast_syscall_32+0x32/0x80 [ 342.834680][T12671] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 342.834696][T12671] RIP: 0023:0xf744e579 [ 342.834703][T12671] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 342.834713][T12671] RSP: 002b:00000000f50d6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 342.834722][T12671] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000a80 [ 342.834728][T12671] RDX: 000000000000fdef RSI: 00000000f743cff4 RDI: 0000000000000000 [ 342.834734][T12671] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 342.834740][T12671] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 342.834745][T12671] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 342.834753][T12671] [ 343.226054][ T8688] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 343.348656][ T8688] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 343.508221][ T8688] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 343.559254][ T8688] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 343.608866][ T8688] bridge_slave_1: left allmulticast mode [ 343.610773][ T8688] bridge_slave_1: left promiscuous mode [ 343.612255][ T8688] bridge0: port 2(bridge_slave_1) entered disabled state [ 343.614725][ T8688] bridge_slave_0: left allmulticast mode [ 343.616341][ T8688] bridge_slave_0: left promiscuous mode [ 343.617875][ T8688] bridge0: port 1(bridge_slave_0) entered disabled state [ 343.702232][ T8688] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 343.705256][ T8688] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 343.708634][ T8688] bond0 (unregistering): Released all slaves [ 343.989689][ T8688] hsr_slave_0: left promiscuous mode [ 343.992100][ T8688] hsr_slave_1: left promiscuous mode [ 343.994442][ T8688] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 343.997414][ T8688] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 344.000461][ T8688] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 344.003281][ T8688] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 344.008013][ T8688] veth1_macvtap: left promiscuous mode [ 344.010134][ T8688] veth0_macvtap: left promiscuous mode [ 344.011825][ T8688] veth1_vlan: left promiscuous mode [ 344.013274][ T8688] veth0_vlan: left promiscuous mode [ 344.187617][ T8688] team0 (unregistering): Port device team_slave_1 removed [ 344.220879][ T8688] team0 (unregistering): Port device team_slave_0 removed [ 344.732603][ T8688] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.788840][ T8688] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.829316][ T8688] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.867857][ T8688] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.946749][ T8688] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.997870][ T8688] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.057835][ T8688] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.117761][ T8688] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.165265][ T8688] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.237935][ T8688] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.317929][ T8688] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.357541][ T8688] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.436714][ T8688] bridge_slave_0: left allmulticast mode [ 345.438671][ T8688] bridge_slave_0: left promiscuous mode [ 345.440666][ T8688] bridge0: port 1(bridge_slave_0) entered disabled state [ 345.445267][ T8688] bridge_slave_0: left allmulticast mode [ 345.447327][ T8688] bridge_slave_0: left promiscuous mode [ 345.449301][ T8688] bridge0: port 1(bridge_slave_0) entered disabled state [ 345.838788][ T8688] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 345.842866][ T8688] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 345.845635][ T8688] bond0 (unregistering): Released all slaves [ 345.849620][ T8688] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 345.852793][ T8688] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 345.856378][ T8688] bond0 (unregistering): Released all slaves [ 345.861753][ T8688] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 345.865052][ T8688] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 345.868074][ T8688] bond0 (unregistering): Released all slaves [ 345.964124][ T8688] tipc: Disabling bearer [ 345.966718][ T8688] tipc: Left network mode [ 346.399162][ T8688] macvlan0: left promiscuous mode [ 346.400947][ T8688] batadv_slave_1: left promiscuous mode [ 346.404043][ T8688] hsr_slave_0: left promiscuous mode [ 346.406030][ T8688] hsr_slave_1: left promiscuous mode [ 346.407767][ T8688] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 346.409966][ T8688] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 346.412311][ T8688] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 346.414447][ T8688] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 346.418251][ T8688] hsr_slave_0: left promiscuous mode [ 346.420368][ T8688] hsr_slave_1: left promiscuous mode [ 346.422545][ T8688] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 346.424658][ T8688] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 346.427263][ T8688] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 346.429539][ T8688] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 346.433046][ T8688] hsr_slave_0: left promiscuous mode [ 346.434822][ T8688] hsr_slave_1: left promiscuous mode [ 346.436626][ T8688] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 346.438851][ T8688] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 346.442000][ T8688] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 346.444103][ T8688] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 346.449246][ T8688] veth1_macvtap: left allmulticast mode [ 346.451113][ T8688] veth1_macvtap: left promiscuous mode [ 346.452780][ T8688] veth0_macvtap: left promiscuous mode [ 346.454383][ T8688] veth1_vlan: left promiscuous mode [ 346.456121][ T8688] veth0_vlan: left promiscuous mode [ 346.458187][ T8688] veth1_macvtap: left allmulticast mode [ 346.459949][ T8688] veth1_macvtap: left promiscuous mode [ 346.461472][ T8688] veth0_macvtap: left promiscuous mode [ 346.463020][ T8688] veth1_vlan: left promiscuous mode [ 346.464483][ T8688] veth0_vlan: left promiscuous mode [ 346.466845][ T8688] veth1_macvtap: left allmulticast mode [ 346.468437][ T8688] veth1_macvtap: left promiscuous mode [ 346.470012][ T8688] veth0_macvtap: left promiscuous mode [ 346.471538][ T8688] veth1_vlan: left promiscuous mode [ 346.473005][ T8688] veth0_vlan: left promiscuous mode [ 347.029534][ T8688] team0 (unregistering): Port device team_slave_1 removed [ 347.065577][ T8688] team0 (unregistering): Port device team_slave_0 removed [ 347.298259][ T8688] team0 (unregistering): Port device team_slave_1 removed [ 347.331237][ T8688] team0 (unregistering): Port device team_slave_0 removed VM DIAGNOSIS: 06:46:09 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000064 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff853e6e95 RDI=ffffffff9ab70da0 RBP=ffffffff9ab70d60 RSP=ffffc900204fefb0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000005 R12=0000000000000000 R13=0000000000000064 R14=ffffffff9ab70d60 R15=0000000000000000 RIP=ffffffff853e6ebf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000080010000 CR3=0000000068cf6000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000001 RBX=1ffff92004d76f49 RCX=0000000000000002 RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff8e1bd0c0 RBP=0000000000000000 RSP=ffffc90026bb79e8 R8 =0000000000000000 R9 =0000000000000000 R10=ffffffff90627517 R11=0000000000000002 R12=ffffffff8e1bd0c0 R13=ffffffff8e1bd0c0 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff81967b61 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b500000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c38332f CR3=00000000645b2000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=000000000078ea49 RBX=0000000000000002 RCX=ffffffff8b55c5f9 RDX=0000000000000000 RSI=ffffffff8b6cfd40 RDI=ffffffff8bd346a0 RBP=ffffed1003ad4488 RSP=ffffc9000049fe08 R8 =0000000000000001 R9 =ffffed10056c6f85 R10=ffff88802b637c2b R11=0000000000000000 R12=0000000000000002 R13=ffff88801d6a2440 R14=ffffffff90627510 R15=0000000000000000 RIP=ffffffff8b55d9df RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055cd6c9a1000 CR3=0000000065602000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000007 RBX=00000000000000c7 RCX=ffffffff84c7f1dc RDX=0000000000000000 RSI=0000000000000a70 RDI=0000000000000000 RBP=ffff8880785d6590 RSP=ffffc90002df72d8 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000a71 R11=0000000000000002 R12=0000000000000a70 R13=dffffc0000000000 R14=000000003cf1e59c R15=0000000000000000 RIP=ffffffff84c7f1d7 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fe8c8fc6d00 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055cd6c9a9000 CR3=000000004f62a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=8ac272c58ac272c5 8ac272c58ac272c5 8ac272c58ac272c5 8ac272c58ac272c5 8ac272c58ac272c5 8ac272c58ac272c5 8ac272c58ac272c5 8ac272c58ac272c5 ZMM22=dcaf4810dcaf4810 dcaf4810dcaf4810 dcaf4810dcaf4810 dcaf4810dcaf4810 dcaf4810dcaf4810 dcaf4810dcaf4810 dcaf4810dcaf4810 dcaf4810dcaf4810 ZMM23=d4b61739d4b61739 d4b61739d4b61739 d4b61739d4b61739 d4b61739d4b61739 d4b61739d4b61739 d4b61739d4b61739 d4b61739d4b61739 d4b61739d4b61739 ZMM24=7bcc740d7bcc740d 7bcc740d7bcc740d 7bcc740d7bcc740d 7bcc740d7bcc740d 7bcc740d7bcc740d 7bcc740d7bcc740d 7bcc740d7bcc740d 7bcc740d7bcc740d ZMM25=eb7b839ceb7b839c eb7b839ceb7b839c eb7b839ceb7b839c eb7b839ceb7b839c eb7b839ceb7b839c eb7b839ceb7b839c eb7b839ceb7b839c eb7b839ceb7b839c ZMM26=9415cf519415cf51 9415cf519415cf51 9415cf519415cf51 9415cf519415cf51 9415cf519415cf51 9415cf519415cf51 9415cf519415cf51 9415cf519415cf51 ZMM27=6ae30d146ae30d14 6ae30d146ae30d14 6ae30d146ae30d14 6ae30d146ae30d14 6ae30d146ae30d14 6ae30d146ae30d14 6ae30d146ae30d14 6ae30d146ae30d14 ZMM28=000000c0000000bf 000000be000000bd 000000bc000000bb 000000ba000000b9 000000b8000000b7 000000b6000000b5 000000b4000000b3 000000b2000000b1 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=9e1b00009e1b0000 9e1b00009e1b0000 9e1b00009e1b0000 9e1b00009e1b0000 9e1b00009e1b0000 9e1b00009e1b0000 9e1b00009e1b0000 9e1b00009e1b0000